Data Processing Statement
I (Hilary Jiggins) am an independent Psychotherapist operating in East Sussex and Online via Zoom, Facetime, and Skype. This notice explains how your personal data will be collected, stored and used when you use my services. I am is fully committed to maintaining your privacy and making sure that I comply with the law. I will only collect and process personal information for the purposes stated below.
Why do I collect your personal information?
The purposes for which your personal information is being collected is to provide you with mental health support, and more specifically:
To understand why you want to use my services and assess your needs
To identify the specific services and types of support that would be best to address your assessed needs
To allow me to have ongoing contact with you and to record this contact
To record your progress against agreed personal goals
To use my services, I will need to collect some general personal information about you. I will also need some more sensitive information about you and your mental health. You can share as much information as you are comfortable.
What will we do with it?
The information you provide with will be stored confidentially while you use my services. I will not sell, distribute or pass your personal information to any third parties unless we have your permission to do so or are required by law to do so. Once you have finished using my services I will then store it for up to 6 years, after which time it will be securely deleted and / or destroyed. This is usual practice for similar support services and I will not keep your information for longer than I need to.
When I need to share your information with someone else I will usually need your permission to do this. I will ask you to sign a ‘Consent to Share’ form that records that you have agreed that I can do this.
On rare occasions, to keep you or other people safe I may have to share confidential information about you with other agencies. In these circumstances I would only share information that is necessary, and I would always try to let you know that I have done so.
What are your rights?
The General Data Protection Regulation (GDPR) is the law that protects your information. This says that you have the following rights:
• The right to be informed: by receiving this briefing I am informing you that I am collecting your information, why I am using it and what your legal rights are.
• The right of access: you can access your personal data free of the charge within one-month of submitting a written request to me.
• The right to rectification: I must correct my records within one month if your personal data is incomplete or inaccurate if you tell me this in writing.
• The right to erase your personal data: where I am legally able to do this, I must delete your data if you ask me to.
• The right to restrict processing of your personal data: where I am legally able to do this, I must not further process your data if you write to me not to.
• The right to data portability: if you want to work with another organisation and want me to give them your information then I can do so, if you write to me and ask me.
• The right to object: if you want to complain about how your data is being handled or ask me to stop then you can write to me and tell me. You can also use my complaints procedure.
• Rights in relation to automated decision making and profiling: I do not profile or carry out automatic decision-making using personal data. However, should this situation change I would seek your written permission to do this.
For more information on how you can access your records, correct any inaccuracies or object to any information I keep under the Data Protection Act and the General Data Protection Regulation (GDPR) please contact me or go to the Information Commissioner’s website.