Website and GDPR Privacy Policy 

The data controller is Digna Patel.  

 

Lotus Blossom Counselling is registered with the Information Commissioners Office ICO: ZA668269. 

 

Below is the information which my website collects.

 

Cookies and links to external websites

Cookies

This site uses cookies. These are small text files that are placed on your computer by websites that you visit. They are used in order to make websites work efficiently, as well as to provide information to the owners of the site about people’s use of it.  

Session cookies' are stored only temporarily during your browsing session to allow normal use of the site and are deleted from your device when the browser is closed.

Personal Information from your device is collected such as geolocation data, IP address, unique identifiers (e.g. MAC address) and other information which relates to your activity through the site. You can choose your use of cookies via the pop-up cookie notification and by following the instructions of your device preferences. 

Links to external websites

This website contains hyperlinks to many other websites. I am not responsible for the content or functionality of any of those external websites. 

If an external website requests personal information from you, the information you provide will not be covered by Lotus Blossom Counselling's Privacy Policy. It is suggested that you read the privacy policy of any website before providing any personal information.

 

Analytics

My website host Wix.com collects behaviour patterns of website visitors. This does not identify individuals but shows me 3 things. The number of site visits, number of specific page views, and the type of device used eg mobile, desktop, laptop. 

I also use google analytics as a third-party company to also collect behaviour patterns of website visitors. This information does not identify individuals but shows a collection of website usage from the number of website visits, frequently used pages etc. Google’s use and ability to share information collected via Google Analytics about your visits to this site is restricted by the Google Analytics Terms of Use and the Google Privacy Policy.

https://policies.google.com/privacy

 

Website contact me button

I use the personal data of your email address for correspondence with you regarding your enquiry about the services of Lotus Blossom Counselling. I only retain the information for the period we are in correspondence and then it is deleted as confidential waste.

I do not use the information you supply via the contact me button for marketing purposes or share with third parties unless I am required to by law. 

 

I use gmail when responding to website enquiries. Gmail encrypts messages in transit (techy bit again: using TLS Transport Layer Security) on a basic level this means that emails can’t be read by third parties in transit. You may have no idea if your email provider uses TLS so please bear in mind that sending information by email can’t always be guaranteed secure so please consider the level of personal information you share in an email.

Google servers are based in the US. Gmail as part of Google is covered by the US privacy shield (this is a level of approved security to pass information from UK to the US) so by definition, your personal data of email address and IP address may go outside of the EEA. https://www.privacyshield.gov/list

 

General data protection regulation GDPR information for Lotus Blossom Counselling. 

 

This statement details how I collect, store or share/process your personal data including special category data.

 

What information do I collect?

• Name

• Contact number

• Email address 

• Address

• Date of birth 

• Emergency contact name and number

• Financial details (by proxy on my bank statement after you make a payment)

Payment Security

Lotus Blossom Counselling will never store your card entire card details on any of the internal computer or network systems.

I cannot guarantee the security of your home computer or the internet, and any online communications (e.g. information provided by email or our website) are at the user’s own risk.

 

What do I use this information for?

This client information is used as contact and emergency contact information while you are in counselling. 

 

Do I share/store your personal data?

I only use your data in relation to the delivery of my services and do not use it for marketing purposes or sell to third parties. There are very specific limited counselling reasons why I may need to share/process your data.

Legitimate interest

1. It may become necessary during our work together for me to break confidentiality for safeguarding reasons, serious harm to self or others, acts of terrorism or drug trafficking/money laundering. The personal data shared will be adequate and proportionate eg the minimum required. Your information may be shared with health professionals & emergency services as appropriate.  

2. Clinical will. In the event of my death or becoming incapacitated a family member will pass a sealed envelope from my secure storage containing name and contact details of my current clients to my clinical supervisor. This is to enable my supervisor to make contact re my situation and to discuss counselling options going forward to maintain your safety. My clinical supervisor follows the same confidentiality system as me.

Legal obligation

1. I may be required to share information in your notes if I am issued with a court order.

2. I keep anonymous notes from our sessions in line with the requirements of my professional insurance and the limitation act. Special category data 9 (f) processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.

3. I am required to keep financial records for the purpose of tax returns for 7 years.

Consent

1. If you ask me to share your notes/information with other medical professionals or your legal representative. 

 

How long do I keep your information? (Data retention schedule)

1. If you choose not to continue with counselling after your assessment session your information will be disposed of 2 weeks after as confidential waste. 

2. If you choose to continue with counselling, I keep client notes that are anonymous and separately name/email address for 5 years after your last session in line with the requirements of my professional insurance. For under 18’s name/contact and anonymous notes will be kept for 5 years after the age of 18 is reached. 

 

All information is stored as confidential data in locked storage, password protected device or encrypted memory stick and destroyed at the end of the data retention period as confidential waste. 

 

Your rights under GDPR

• Right to be informed, 

• Right to access (you can request to see the information I hold about you) 

• Right of rectification, 

• Right to erasure, Not applicable to lawful reason legal obligation

• Right to restrict processing, 

• Right to data portability, Not applicable to lawful reason legal obligation /legitimate interest 

• Right to object, Not applicable to lawful reason/ legal obligation

• Rights related to automated decisions.  

It should be noted that the ICO says these are not all absolute rights:https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

 

If you have any concerns about how I have used your data, you can discuss it with me in the first instance if you feel able to. My contact details info@lotusblossomcounselling.com. You also have the right to complain to the information commissioner’s office ICO. 0303 123 1113    

 

This privacy statement is kept under regular review. Last updated 1 June 2020. 

©2020 by Lotus Blossom Counselling