As part of the counselling service we offer, there will be a need to share your personal data with Lilac Counselling Services. Protecting your data and any information we have about you is extremely important to us and we ensure our responsibility in protecting your data through this policy, which sets out the steps taken to keep your information safe.

We cover the following information within this policy:

• Data security

• Your Data and Information

• Sharing Information and Data

• Protecting our Clients

• Data Breaches

• Complaints

How we protect your privacy - Overview

Your privacy is our top priority. We're committed to safeguarding your personal information and handling it with the utmost care. Here's how we ensure your data is secure: 

• Data Storage: We aim to operate a paperless service, however there will be times that hard copy information will be needed. All hard copy documentation is labelled with a client reference and stored in a locked cabinet away from the counselling room.

• Data Minimization: We only collect the necessary information to provide our services.

• Data Encryption: We use advanced encryption techniques to protect your data both in transit and at rest.

• Secure Storage: Your information is stored securely with robust access controls.

• Regular Security Audits: We conduct regular security assessments to identify and address potential vulnerabilities.

• Limited Access: Only authorised personnel have access to your data on a need-to-know basis.

• Compliance with Regulations: We adhere to relevant data protection laws and regulations, such as GDPR and Data Protection Act.

• Transparent Practices: We're open and transparent about our data practices. You can review our full privacy policy for more details.

By taking these measures, we strive to provide a safe and secure environment for your interactions with our services.

In order to protect your information, we have put in place physical, electronic and managerial procedures to safeguard and secure the information we collect in line with UK government legal requirements, GDPR and Data Protection Act 2018. The steps we have taken to avoid loss, misuse or unauthorised access or disclosure of your data includes:

• Minimal data storage (we only store data that we need)

• Password access controls

• Security

  • Online best practice and storage  

  • Hard copy and physical access

  • Devices, applications and internet services that are encrypted and safe to use

• Ensuring third parties services are GDPR compliant

Initial contact

If you contact us to enquire about our services or book an appointment we need to collect contact information:

• Name

• Address

• Email address

• Telephone number

This information is collected online, on the phone and when you visit our counselling practice.

Client information

In order to operate a professional therapy practice, we store:

• Confidential therapy notes from your sessions in a combination of

  • Hard copy

  • Online

  • Audio recordings

• Appointment information

  •  attendance

  • Absence (missed appointments, cancellations)

• Communications sent to you and received from you, in the form of:

  • Messages (text or WhatsApp)

  • Emails

  • Letters

  • Documents

• Records of your payment transactions

  • Invoices

  • Credit Notes

  • Payment received/refunded/cancelled

This data is collected to ensure we provide an accurate, informed and professional counselling service at all times.

Website interactions

Information may be collected about your browser or device for our website to operate correctly. If you have agreed to analytics tracking we use Google Analytics to help us understand how our website is used, so that we can make improvements.

We use the information you provide us with to:

A)      General Category Data - Contact information – responding to enquiries and in relation to appointments or other agreed communications. This may also apply to any changes to our privacy policy and/or any other policies

B)      Special Category Data - Client records – maintaining accurate treatment and therapy records is necessary to provide our Counselling service and demonstrate the service provided to you whilst you have been a client with Lilac Counselling Services.

Lilac Counselling Services maintain the highest regard for personal confidentiality and as such we understand the importance of looking after the data we receive. We have been fully trained to safeguard, respect and maintain your information and all data about you.

We only collect data that is absolutely necessary.

The data stored and accessed by your Counsellor ensures we are giving you the best counselling service possible.

Client records

Counsellors have both a legal and ethical duty to store client records and notes, information and data safely and securely.

Client Records include …

·       client session notes,

·       contracts,

·       client creative work,

·       diaries,

·       emails,

·       text messages.

Client records are ……

a) anything that directly identifies a client,

b) anything that can identify a client when combined with other information.

Hard Copy Data

All paper-based notes are kept in a lockable cabinet, with client contact information kept separate to client session notes.

Electronic Data

All electronic records are stored securely within a cloud-based encrypted and secure provider. All records and devices used are password protected with a two-step verification system in place.

Retention Period

All records are kept for seven years before being destroyed, in line with GDPR and Data Protection requirements.

Marketing

We do not use any client data for marketing purposes. We do not sell, distribute or lease personal information to third parties. Any quotes or recommendations shared will be anonymous (unless you, the client, specifically allows initials and town location to be used) and only with permissions attained.

All client sessions are strictly confidential.

In line with legal and ethical practice,  there are limits to therapeutic confidentiality. It is a legal requirement and ethical responsibility to report any concerns, where we believe there is a risk of safety to our client(s), their family members, friends or general public.  These limitations include:

• Harm To Self Or Others - This includes disclosure of suicide, intent to self-harm or inflict harm on others

• Domestic Abuse – Where child safeguarding is applicable - situations where children are present and in potential danger.

• Illegal Activities:

  • Membership of a terrorist organisation

  • Criminal activities that endanger self or others

  • Any act of terrorism

  • Drug running

  • Sex trafficking or Modern Slavery involvement

• Any criminal act of which you have not been convicted

• Legally bound submission - if a warrant is issued by a court of law for my notes, I am legally obliged to submit notes that are relevant to the investigation or case

• Other Medical Professionals – If requested by your GP or other medical or multi-professional organisations supporting you, I am obliged to share my notes, however in this instance notes will only be shared with your explicit permission and consent.

Please also refer to our Confidentiality statement at the beginning of our Legal Section within this website

For legal and financial transparency we have to provide details of all business finances to our accountant and HMRC. This information will include financial transactions with our clients such as:

•  Invoices

• Credit Notes

• Payment received/refunded/cancelled

Data Access

You have the right to know what personal data we hold about you and to make sure it’s correct and up to date. In order to receive such information, please send your request, including your full contact details, to our registered address. We will send you a reply within 30 days.

Data Correction

Should you believe your data is incorrect and wish to update or advise us of any changes concerning the information we hold, please advise us as soon as possible and we will make sure your records are corrected immediately. In such instances we would recommend notifying us of changes or corrections through:

·       Email

·       WhatsApp text

·       Verbal notification at our next session

Data Erasure

·       Client rights - Unfortunately, we are unable to erase the data of clients who have received therapy services within seven years from the time the therapy sessions were concluded. This is a legal requirement. However, we are able to make any relevant updates (change of address or telephone number or email address)

·       Non-Client rights - If you have contacted Lilac Counselling Services only,  and not become a client, you are within your legal rights to request us to erase  your data.  Any data erasure must be requested in writing via email or letter. Please allow 30 days for us to process your request and confirm removal of your data from our system(s). Please note that we are unable to erase any transactional data as this is a legal requirement.

In the unlikely event of a data breach, Lilac Counselling Services will promptly notify you of any unauthorised access to your personal information and advise what steps have been taken to avoid comprised data in the future. All in accordance with GDPR and Data Protection Act 2018.

Should you feel we have not handled your personal information and data in an appropriate manner, you have the right to raise a complaint. Our complaints process is as follows:

• • Write to Tracey Gee at Lilac Counselling Services via email or letter (please see our contact details on our Contact Us page of the Lilac Counselling Services website)

  • Please allow 28 days following receipt of the correspondence for Lilac Counselling Services to respond to your complaint.

  • Should you feel that we have not supported you appropriately, or are unhappy with our response, and believe our processing of your personal data and information is not compliant with GDPR and Data Protection Act 2018, or UK law, you may wish to escalate your complaint to the Information Commissioner’s Office (ICO).

Registered Head Office:   The Lilacs, 48 Cottage Lane, Burntwood, Staffordshire  WS7 4XZ