OUR PRIVACY AND COOKIES POLICY
PRIVACY
Hypnotherapy for Healing is committed to respecting your privacy and the privacy of every visitor to my web site and person completing a form.
Should you have a question about the data stored, my contact details are:
Karen Burrett
hypntherapyforhealing@gmail.com
07799005407
I, Karen Burrett and the data controller and processor of Hypnotherapy for Healing.
The information collected about you will only be used lawfully (in accordance with the Data Protection Act 1998 and the General Data Protection Regulation 2018 (GDPR)).
This information will not be disclosed to anyone outside Hypnotherapy for Healing or its associated companies, partners, and other parties with which Hypnotherapy for Healing has arranged services for your benefit.
The information held is expected to be accurate and up to date. You have the right as an individual to find out what information is held about you and make changes if necessary; you also have the right, assuming I am not obligated by law to refuse, to ask for your information to be removed or rectified. To have your information removed or rectified, please contact hypnotherapyforhealing@gmail.com
The type of information that I will collect, and you voluntarily provide on this website form includes:
* Your name
* Email address
* Email requests
You are under no statutory or contractual requirement or obligation to provide your personal information; however, the information above is required in order for your initial enquiry to be dealt with in an efficient and effective manner.
Further information may be collected during agreed hypnotherapy sessions which may include:
*Information you provide as part of the therapy or coaching session
*Records of interventions, tools and approaches I have used in sessions
*Emails, text or messages sent between us
*Payment information
Some of the information you provide may fall under the definition of Special Category Data as set out by the GDPR. The condition for processing this special data is “processing is necessary for medical diagnosis, the provision of health care or treatment pursuant to contract with a health professional”.
Data is not shared with anyone, except possibly your GP, and for any reasons covered by the Requirements for Disclosure which are detailed and discussed when we first meet and form part of our contract. My accountant will see bank records which will contain any information that you provide when making payment. If you would like me to redact your identifiable data before sending to the accountants then please let me know.
The basis on which data is kept is for ‘legitimate purpose’ only to enable me to provide therapy and coaching services and only reasonable and relevant data will be stored.
Details of where data is held:
· Any emails sent between us are held either on my computer’s hard drive or exchange server or if archived, in Dropbox which is a GDPR compliant, secure cloud-based storage. Any emails held on my mobile phone are fingerprint/code protected.
· Any texts/Whatsapp messages/Messenger messages sent between us held on my mobile phone are fingerprint/code protected (See social Media Policy).
· Your notes are handwritten and are kept in a locked filing cabinet. A coding system enables the therapist to know whose notes are whose, but a stranger seeing the notes would not be able to identify who they refer to.
· If you use online banking then clearly these systems will hold your data. I download from these systems for accounting purposes only and the resulting spreadsheets are held in Dropbox before being sent to my accountant using a secure shared drive.
Unless otherwise required by law, your data will be stored for a maximum period of 10 years after our last contact or until no longer required by my insurance provider, at which time paper records (case notes) will be shredded and electronic records (case notes, emails, text messages) will be deleted.
PROTECTION OF PERSONAL INFORMATION
Hypnotherapy for Healing takes precautions, including administrative, technical, and physical measures, to safeguard your Data against loss, theft, and misuse, as well as against unauthorized access, disclosure, alteration, and destruction.
Hypnotherapy for Healing uses industry-standard efforts to safeguard the confidentiality of Data, including encryption, firewalls and SSL (Secure Sockets Layer). Reasonable administrative, technical, and physical security controls have been implemented to protect against the loss, misuse, or alteration of your Data.
However:
· I am not in control of data (including emails and texts) which you send me
· Apps such as Facebook routinely access any information held and this is beyond my control.
If there is any breach of data security Hypnotherapy for Healing will give full details to the Information Commissioners Office and any person affected within 72 hours of the breach and do all possible to minimise any potential impact.
You have rights with regards to the data held:
-
The right of access. I will provide you with all data I hold on you as soon as I can following a request (and definitely within 30 days, unless this is impossible due to holidays or illness).
-
The right to rectification. If any data I hold is incorrect, just let me know and I will correct it as soon as I can following a request (and definitely within 30 days, unless this is impossible due to holidays or illness).
-
The right to erasure. If you wish me to erase your data just let me know and I will delete any computer records and shred any paper records as soon as I can following a request (and definitely within 30 days, unless this is impossible due to holidays or illness).
-
The right to restrict processing. This would usually be a stop-gap measure before correction of any errors or before erasure
-
The right to data portability. This might apply if you want your notes sent to another therapist for example, but it is likely that the easiest solution would come under the right to access, i.e. I would send the data to you.
COOKIES
This site uses cookies – these are small text files that are placed on your device to help this website to provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers.
GOOGLE ANALYTICS
This website sets “first party” cookies through its use of Google Analytics. We use Google Analytics to provide us with non-personal site analytics, which in turn help us improve this website. Google Analytics tracking uses cookies in order to provide meaningful reports about web site visitors’ but they do not collect personal data about you. Google Analytics sets or updates cookies only to collect data required for the reports. Additionally, Google Analytics only uses first-party cookies. This means that all cookies set by Google Analytics cannot be altered or retrieved by any service on any domain other than this website. Further detailed information on Google Analytics cookies can be found here.
If you have a concern about how we handle your data, or you would like to lodge a complaint, you may do so by contacting The Information Commissioners Office.