Embedded Files
Privacy Policy- Purple poppy Counselling
Privacy Policy- Purple poppy Counselling
Who I Am
Who I Am
I am Amy Gordon, a BACP-registered counsellor offering in-person counselling in Rochester/Gravesend, Kent, and online across the UK and some European countries. I’m the data controller for any personal information you share with me. I’m registered with the Information Commissioner’s Office (ICO).
My Commitment to Your Privacy
Your privacy is important to me. I keep your personal information safe, confidential, and only use it for the purposes it was given. I comply with the the General Data Protection Regulation (EU/2016/679) (the GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
This policy explains:
- What personal information I collect and why
- How I store and protect it
- Who I might share it with (and why)
- How long I keep your information
- Your rights under data protection law
What Data I Collect
What Data I Collect
Depending on where you are in the therapy process, I may collect:
- Name, date of birth, and contact details
- Address and GP information
- Medical and mental health history
- Emergency contact details/next of kin
- Family background and life history
- Session notes and therapy goals
- Referral information (if applicable)
I only collect what’s necessary to provide you with effective and safe counselling sessions.
How Your Information Is Collected
How Your Information Is Collected
Most of the data I hold comes directly from you — usually during our first contact, your intake form, or in our counselling sessions. Sometimes I may receive information from a third party, such as a GP or referrer, with your consent.
Lawful Basis for Processing
Lawful Basis for Processing
Under UK GDPR, I must have a lawful basis to process your data. These are:
- Contract: To deliver counselling services you’ve requested and outline terms of counselling.
- Legitimate interests: For safe record-keeping and ethical practice.
- Legal obligation: If I’m required to disclose information (e.g. court order).
- Consent: For storing and processing sensitive data (like health-related information).
For special category data (e.g. health information), the lawful basis is that it is necessary for health care provision under a contract between us.
How I Use Your Data
How I Use Your Data
I use your information to:
- Provide counselling and communicate with you
- Keep records required by my professional body (BACP) and insurers
- Maintain safety and comply with the law
Your data is never sold or used for marketing.
Online Sessions
Online Sessions
If you attend counselling online, we will meet via Google meet, which provides end-to-end encryption to protect our conversations. I do not record sessions or store them digitally. You are responsible for ensuring your own environment is private and secure at your end during online sessions.
Confidentiality & Data Sharing
Confidentiality & Data Sharing
Everything you share in counselling is confidential. The only exceptions are:
- Supervision: I discuss client work anonymously with a qualified supervisor to maintain safe and ethical practice.
- Risk: If I believe you or someone else is at serious risk of harm, I may contact your GP, emergency services, or safeguarding teams.
- Legal obligations: I must report disclosures related to terrorism, money laundering, or drug/human trafficking.
- Court orders: I may be legally required to provide information to a court.
How I Store and Protect Your Data
How I Store and Protect Your Data
I take data security seriously:
- Electronic records are stored on encrypted, password-protected devices and cloud systems.
- Written notes are kept securely in locked storage.
- Only I have access to your data.
- Emails and texts are deleted after no longer being relevant (usually within 3 months). If content is important, it’s saved in your counselling record.
How Long I Keep Your Information
How Long I Keep Your Information
- I retain your records for 6 years after our work ends, in line with BACP guidance and my insurance.
- After that, they are securely deleted or destroyed.
- If you request deletion sooner and I am not legally required to keep the data, I will honour your request.
Your Rights
Your Rights
You have the right to:
- Ask what data I hold about you
- Request a copy of your data (free of charge)
- Correct inaccurate or incomplete information
- Withdraw consent (where applicable)
- Request that I delete or stop processing your data (unless I must retain it legally)
- Lodge a complaint with the ICO
To make a request, contact me directly. I will respond to you within one month of you making such a request.
Website Visitors
No personal data is collected automatically when you visit the site.
Contact Enquiries
Contact Enquiries
If we do not begin working together, I will delete your enquiry and any related personal data within 30 days.
If we do not begin working together, I will delete your enquiry and any related personal data within 30 days.
If we do begin working together, your information will be retained and stored securely as part of your counselling record.
If we do begin working together, your information will be retained and stored securely as part of your counselling record.
Complaints
Complaints
If you’re unhappy with how I handle your personal information, please contact me first. I will always try to resolve concerns quickly and respectfully.
If you're still not satisfied, you can contact the Information Commissioner’s Office (ICO):
https://ico.org.uk/make-a-complaint
I regularly review my policies and will update this page with any changes.
Page updated
Google Sites
Report abuse