Data Protection Policy
My practice is fully GDPR Compliant (General Data Protection Regulation). I only keep information requested from you, and only with your permission. I have not obtained additional information about you from 3rd parties, and I will never share or sell your information with any other parties. I will only obtain the relevant information needed for the service you are utilising.
Name – For use on invoice and payment information
Email – To provide information on our coaching work and upcoming events and services
Telephone Number – To contact you should you miss a sessions, or there are safety concerns
Address – For legal purposes should a payment not be received
Next of Kin – For safeguarding purposes
Specialist Information – For safeguarding purposes
Additional
Personal Information – For tailoring my coaching services
Your Contract, Data Protection Agreement, Registration and Feedback Forms will be collected via CognitoForms. Once received, your completed forms will be emailed to you to ensure all details are correct and for your records.
Should you wish to complete and sign these forms manually, you can do so by following these steps:
1. Ensure all radar buttons indicate your choices (to ensure any hidden fields within the form are available for printing)
2. Right Click the From and Select Print
3. Sign and date all sections clearly showing intent to agree
4. Scan as a complete document, If you cannot scan as a complete document, please write your name, sign and date each page individually, numbering each page clearly (i.e. Page 1 of… Page 2 of…)
5. Return the completed form(s) along with a statement of intent, which includes your full name within the body of the email
6. Clearly state which documents you are returning (If scanned individually, specify how many pages there are per document) and that you agree to the terms and conditions of the documents attached
All personal information, Session Recordings, Invoices and Written Notes are kept either on a password protected document on a password protected private computer or on an external hard drive which is in a locked drawer when not in use. Only I have access to the passwords and keys. I do not store personal information on the cloud.
Sessions are Recorded to the Zoom “Cloud Server” where it will be download within a few hours of the session and permanently deleted, the recording is then held on an external hard drive. Should you ask me to provide copies of a recording I will do so via a transfer service called WeTransfer, where you will be able to access it via an email and download it to your computer within 7 days at which time WeTransfer permanently delete the recording from their servers.
Your email address will be stored within yahoo contacts, to protect your private emails and personal messages sent via WhatsApp and Facebook Messenger, my PC, tablet, and phone are all password protected, only I have access to these devices.
Recordings, Notes and e-mails are deleted once they are over 1 year old, but kept no longer than 3 years.
Contracts, Agreements and Registration Forms will be deleted once our working contract has not been utilised for more than 1 year and kept no longer than 3 years. Sooner by request.
Records relating to HRMC Tax Returns, such as invoices and some personal contact details (Name, Email and Address) are kept for 5 tax years from the date of your last session and will be automatically deleted in April after expiration.
Electronic information will be destroyed using AVG shredding software, while paper documents will be shredded with a P4 Cross Shredder. I care deeply about your privacy, and I will only use your personal data to contact you with regards to our coaching work and from time to time I may provide you with information on my upcoming events and services, you may unsubscribe from this additional service on request.
There are situations in which I have a moral and legal obligation to break confidentiality and data protection:
1. Where you have provided a written consent for confidentiality to be broken and for information to be shared with another person or organisation
2. Where I am compelled to by a court of law
3. Where the information is of such gravity that confidentiality cannot be maintained. This includes instances in which I consider you, the client, or others to be in imminent danger and requiring outside assistance.
I will always attempt to speak to you before breaking confidentiality.