Privacy Policy

Sense of Self has a legal responsibility for protecting your privacy and any personal information you may share with us. On May 25th 2018 new legislation, the General Data Protection Regulation (GDPR), came into effect. The following explains the kinds of personal data Sense of Self may collect about you, how it is stored and handled, how you can access it, and how it is kept safe.

The Legal Terms

“Personal data” can be divided into two categories:

a.     Non sensitive personal information that identifies you such as name, address, date of birth  and email address. We require this information contractually in order to provide our service in accordance with article 6(1)(b) of the GDPR-EU legislation.

b.     Sensitive personal information is defined as “Special Category Data.” We will collect this  so we can provide you with effective therapeutic care. This is in accordance with article 9(2)(h) of the GDPR-EU legislation. "Special categories" of particularly sensitive personal data require higher levels of protection. We need to have clear justification for collecting, storing and using this type of personal data.  We will aim to collect and process only the special category data relevant to your mental health.

“Processing” your data includes various activities using your data. These may include collecting, recording, organising, using, disclosing, storing and deleting it.

A “condition for processing data” is essentially our justification for processing the information. We will for example ask you for your consent for us to process your data to deliver psychological therapies to you.   

The law requires Sense of Self:

  • To process your data in a lawful, fair and transparent way

  • To only collect your data for explicit and legitimate purposes

  • To only collect data that is relevant, and limited to the purpose(s) we have told you about

  • To ensure that your data is accurate and up to date

  • To ensure that your data is only kept as long as necessary for the purpose(s)

  • To ensure that appropriate security measures are used to protect your data

Accountability Statement

The Accountability Principle as detailed in the GDPR Article 5(2) means Sense of Self must be able to demonstrate how we adhere to the principles of data protection law:

c.                 We regularly review our data protection policies and procedures

d.     We assess risk and keep record of any known data breaches and ensure these are reported to the ICO within 72 hours

e.     Security measures are used and are regularly reviewed. All emails to Sense of Self are stored on Google Mail Cloud which is GDPR compliant and is securely password protected. Emails will be accessible from password protected Mac and iPhones.

f.       We ensure explicit consent is gathered or the rights of others are considered before proceeding with conditions.

How We Process Your Data

There are a number of different conditions or justifications for which an organisation or individual may collect and process your personal data. Your data  may be processed on the following lawful grounds:

g.     Your Explicit Consent - In most situations, we can collect and process your data with your explicit consent. For example, we may gain your consent to write to your referrer with a summary of your treatment and progress. We discuss using your personal information in supervision with our supervisors for the purposes of ensuring our practice is safe and effective and as mandated by my professional bodies. In this case, no names or identifying details will be shared.

h.     Contractual Obligations - When we begin working together, we will ask you to agree to Sense of Self’s therapy contract. This is normal practice and lays out what we expect of one another. The legal basis of “Contractual Obligation” is not sufficient to allow us to process your sensitive personal data which is why we ask you for your explicit consent.

i.       Vital Interest - Your data maybe used without your consent, typically in an emergency, where this is necessary to protect your life, or someone else’s life. If you were deemed to be at immediate and serious risk that you might harm yourself or someone else then your personal information may be shared with a third party such as your GP or the emergency services without first obtaining your consent.  This might be because it is not practically possible to obtain your consent or because attempting to do so might lead to a delay in accessing help and therefore endanger your life or that of another. 

j.       Legal Obligation - It is possible that your personal information may be requested by the Police, a Court of Law, Coroners Office or Professional Body in which circumstances we would have no option but to comply with the law.

k.     Legitimate Interest - In certain circumstances, we may require your data to pursue our legitimate interest in a way which might reasonably be expected as a Psychologist.  When data is processed in this way, we will make sure there isn’t a chance of any impact upon your rights, freedom or interests. We will never use my Legitimate Interest to process your sensitive data such as your case notes relating to your mental health. 

l.       Your Safety and that of Others - On rare occasions we may process your data without your consent. For example, when we believe you, or third party may be at risk. These conditions relate to the processing of special category data and are detailed in the Data Protection Act 2018.

How We Collect Your Data

We collect your data in different ways that may include, but are not limited to:

  • When you write to us about any subject by any means;

  • When you enquire about our services but do not engage;

  • When you attend an appointment;

  • When you complete questionnaires.

  • When you access or engage with our website.

Your Rights

You have a right to be informed, to know what Sense of Self is doing with your data and why. You have the right to request a copy of your information and if identified to have inaccuracies corrected. You have the right to object to us processing or using your personal information, you can change your mind at any time and withdraw your consent if already provided. You have the right to have your personal data restricted or deleted if you feel it is being used improperly, unless it has to be retained by law. You also have the right to request your data is sent to another organisation that does similar work to us or provides a similar service.

Data Retention

Sense of Self collects personal data, for as long as is necessary for the purpose for which it was collected. We will keep your personal information and the record of our work together for six years after completion of treatment. It will then be erased.

Concerns About Your Data

The Information Commissioner’s Office (ICO) are the regulator and they can be contacted on 0303 123 1133 or www.ico.org.uk/concerns. You have the right to complain to them if you feel your data has been handled incorrectly. Sense of Self is registered with the ICO and our reference number is ZB015845 .

If you would like to discuss any aspect of this policy or the way we process your information, please contact us at info@senseofself.uk or 07458 387 258