Privacy and Cookie Policy

This policy details how your personal data is collected, securely stored, and managed in strict accordance with UK data privacy laws and the UK General Data Protection Regulation (UK GDPR).

Data Collection & Usage: Details & Procedures

Data Controller
Kevin Chan is the designated Data Controller. You can contact him directly via email at kevinchan2093@gmail.com.

Lawful Basis for Processing
Data is processed under several lawful grounds under UK GDPR:

  • Contractual Obligation: To fulfill the explicit terms of the counselling agreement.
  • Legitimate Interests: For the safe, professional administration of the practice.
  • Special Category Data (Health): Processing of clinical information is conducted under the provision of healthcare, psychotherapy, and clinical services.
  • Legal Obligation: For standard financial and tax record-keeping requirements.

Information Gathered & Purpose
We collect specific, necessary details to ensure safe and ethical practice:

  • Contact Details: Name, age, address, email, and phone numbers to coordinate appointments.
  • Emergency Contact: Date of birth (as an NHS identifier) and GP contact details, utilised only if there is an immediate risk of serious harm or a medical emergency during a session.
  • Clinical Notes: Brief family background, relevant medical conditions, medications, and brief session themes to guide effective clinical care.

Data Security & Storage
Your privacy is strictly protected across all storage formats:

  • Physical Data: Initial intake assessments, signed agreements, and paper documents are locked securely in a private filing cabinet.
  • Digital Records: Emails, digital communications, and phone numbers are stored on password-protected devices accessible only by the controller. Any digital diary structures utilise professional, encrypted cloud infrastructure providing 256-bit TLS encryption.

Limits of Confidentiality
Clinical data is strictly confidential and will never be shared or sold. Information is only shared under specific legal exceptions:

  • If records are subpoenaed directly by a court of law.
  • If there is an imminent risk of serious harm to yourself or another individual.
  • Statutory legal obligations requiring disclosure under UK law, such as clear knowledge of money laundering or terrorism.
  • Anonymised case review within professional clinical supervision, ensuring no identifying details are disclosed.

Retention & Disposal
Core records (session notes, contracts, assessment sheets, and unique reference codes) are retained securely for exactly 7 years following the conclusion of therapy, as mandated by professional insurance parameters. Secondary digital communication links (phone numbers and text emails) are permanently deleted 1 month after your therapeutic work concludes. Detailed process reflections are shredded immediately upon termination of care.

Cookie Policy

This website uses essential security cookies and a single third-party analytics script to monitor platform performance and enhance user experience.

  • Cookie Type: Google Analytics
  • Provider: Google LLC
  • Purpose & Expiry: An anonymous tracking cookie used to monitor website traffic patterns, visitor counts, and page performance. No personal or identifying user details are captured. Expiry varies from session to 2 years.

You can manage, block, or delete cookies at any time by accessing the privacy and security settings inside your web browser.

Your Statutory Rights Under GDPR

You hold clear legal rights regarding how your data is handled:

  • Right to Access: You can request a complete copy of the data held about you at any time, which will be provided within one month.
  • Right to Rectification: You can request the immediate correction of any inaccurate or incomplete records.
  • Right to Data Portability: You have the right to request your personal information be securely transferred to another party.
  • Right to Erasure: You can request your personal information be deleted (this can be declined if keeping the records is legally or professionally required for insurance compliance).

Complaints Procedure

We aim to offer a deeply supportive, professional, and transparent service. However, if you have any concerns regarding how your personal information is handled, or wish to file a formal complaint, please follow the steps outlined below:

Stage: Contact Details & Next Steps

  • 1. Direct Resolution: In the first instance, please raise your concerns directly with Kevin via email at kevinchan2093@gmail.com. All complaints will be acknowledged within 30 days and thoroughly investigated without undue delay.
  • 2. Ethical Regulation: Because Kevin functions as a fully accredited professional therapist, you can file a formal professional complaint directly through official BACP Ethical Framework channels if issues remain unresolved.
  • 3. Data Privacy Escalation: If your complaint specifically concerns your data privacy rights and you are unsatisfied with our handling, you have a legal right to log an official complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.