Effective date: 30th June 2020
Natalie Mears ("us", "we", or "our") operates the www.nataliemears.co.uk website (the "Service").
• How we collect and process your information;
• Why we do this;
• How you can exercise your rights;
• Who to contact in the event you are unhappy with our performance.
We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
Right of Access – You have the right to request us for copies of your personal data and supplementary information. Following a request, we will provide all your data that we have on file within 30 days (unless this is not possible due to holidays or illness). We may charge you a small fee for this service.
Right to Rectification – YIf the data we hold about you is incorrect, inaccurate or incomplete, you can request that we correct this. Following a request, we will correct the information as soon as possible (and within 30 days, unless this is impossible due to holidays or illness).
Right to Erasure – You can request that we delete or remove personal data where this is no compelling reason for us to continue processing. Following a request, we will delete any computer records and destroy any paper records as soon possible (and within 30 days, unless this is impossible due to holidays or illness). Note that data may be retained for scientific research, historical research or statistical purposes where erasure is likely to render impossible or seriously impair the achievement of that processing, but this would never include case notes or data such as address/email/phone.
Right to Restrict Processing – You have the right to request that we cease processing your data. If a) You consider it inaccurate or incomplete; b) You object to processing and we considering whether we still have a legitimate interest to process it. This would usually be a temporary measure before correction of any errors or before erasure.
Right to Object to Processing – You have the right to object to our processing under certain circumstances. For example, you can object to processing for purposes of scientific/historical research and statistics. Please provide grounds for your objection.This would usually be a temporary measure before correction of any errors or before erasure.
Right to Data Portability – Where you have consented to our processing your data, or where the processing is necessary for us to deliver a contract, you can request a copy of that data be provided to a third party in electronic form. For example, this may apply if you wish that we send your notes to another therapist. The simplest solution in such cases would likely be to return the data to you, which is covered under the Right to Access. If you make a request, we have 30 days to respond to you.
If you would like to exercise any of these rights, please contact us at our email:
Email us: email@example.com
Or call us at: +44 (0) 7503 817 397
INFORMATION COLLECTION AND USE
The basis on which we keep client data is that of “Legitimate Interests”. This means that the data is necessary for us to fulfil the contract that we have together (that is, to provide therapy) and that it is data that you would reasonably expect us to hold and use.
Please find below a summary of the information we hold and how we use this to deliver services to you.
TYPES OF DATA COLLECTED
Basic Personal Records, Contracts, Correspondence and Billing - While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Our basis for processing this information is that it is necessary for us to deliver the services that you have contracted to. Personally identifiable information may include, but is not limited to:
• Basic information such as name, email address, phone number;
• Information that you give as part of the work we do together;
• Records of what interventions that we use (or potentially do not use) in our session(s);
• Emails, texts and/or messages that are sent between us;
• Audio recordings of sessions (unless you specifically object).
Special Category Data - Some of the information that you provide may be regarded as special category of data as defined by the General Data Protection Regulation (GDPR), Article 9. The condition for processing this special data is “processing is necessary for… medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems” (2,h). However, data on any criminal offences (including allegations, proceedings and convictions) will require your specific consent in order to hold any such information.
Usage Data - We may also collect information how the Service is accessed and used ("Usage Data"). This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
USE OF DATA
Natalie Mears uses the collected data for various purposes:
To provide and maintain the Service
To notify you about changes to our Service
To allow you to participate in interactive features of our Service when you choose to do so
To provide customer care and support
To provide analysis or valuable information so that we can improve the Service
To monitor the usage of the Service
To detect, prevent and address technical issues
To develop scientific research, historical research or for statistical purposes
DISCLOSURE OF DATA
Legal Requirements - The law may forbid our normal confidentiality in the following circumstances and Natalie Mears may disclose details in the good faith that such action is necessary to:
Comply with a legal obligation
Protect and defend the rights or property of Natalie Mears e.g. investigation procedures
Prevent or investigate possible wrongdoing in connection with the Service
Safeguard children and/or adults
Protect the personal safety of users of the Service, children, another adult or the public
Protect against legal liability
We may talk or write to your GP (but we will not give any personal details beyond what you are working on).
Securing your information
Natalie Mears takes the security of data seriously and as such:
• All data is held securely (see details of Transfer and Storage of Data above);
• Any data transmitted is sent encrypted and password-protected, where possible;
• For accounting purposes, encrypted and password-protected Microsoft Excel spreadsheets are used.
However, please note that:
• We are not in control of data (including emails and texts) which you send to us;
• Mobile phone and desktop applications such as Facebook routinely access any information held on electronic devices and this is beyond our control.
Remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
If there is any breach of data security Natalie Mears will give full details to the Information Commissioners Office and any person affected within 72 hours of the breach and do all possible to minimise any potential impact.
How do we collect your data?
You directly provide us with most of the data we collect. We collect data and process data when you:
Register online, make an enquiry or make a booking for any of our products or services.
Voluntarily complete a customer survey or provide feedback on any of our message boards or via email.
Complete online forms (e.g. Client Intake Form, Client Waiver Form)
Use or view our website via your browser’s cookies.
Contact us via Social Media or phone
TRANSFER & STORAGE OF DATA
We share data with a number of third parties in the course of delivering our services. These are summarised below:
• We use G Suite to handle our email and other office automation (Google’s servers);
• We have an accountant who operate payroll on our behalf and carries out auditing (any information is shared using encrypted and password protected documents);
• Any emails sent between you and Natalie Mears are held either on our computer’s hard drive or Google’s servers;
• If emails are archived, they are stored on a hard drive which is password-protected;
• Any texts/WhatsApp messages/Messenger/Instagram messages sent between you and Natalie Mears (See Social Media & Electronic Information page) are held on a iPhone which is fingerprint/code protected;
• If you use online banking, then these systems will hold your data. We will download from these systems for accounting purposes and the resulting spreadsheets are password-protected on stored on a hard drive. Any credit card information is destroyed as soon as processed.
• Any handwritten notes are kept in a locked filing cabinet. A coding system enables the therapist to know to whom the notes belong, but should a stranger see them, they would not be able to identify to whom they referred.
• Any electronic notes are kept on a hard drive and are password protected. A coding system enables the therapist to know to whom the notes belong, but should a stranger see them, they would not be able to identify to whom they referred.
• Audio recordings are created and stored on an encrypted device (iPhone) which is accessible only by the Data Controller and Processor, Natalie Mears.
Your data is kept for 10 years (this is the requirements of our insurer). After this time, any paper records are destroyed, and computer records permanently deleted.
We would like to send you information about products and services of ours that we think you might like, as well as those of our partner companies. If you have agreed to receive marketing, you can always opt out at a later date.
You have the right at any time to stop us from contacting you for marketing purposes. If you no longer wish to be contacted for marketing purposes, please Contact Us.
Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology
For further information, visit allaboutcookies.org.
Keeping you signed in
Understanding how you use our website
What types of cookies do we use?
There are a number of different types of cookies, however, our website uses:
Functionality – Our Company uses these cookies so that we recognize you on our website and remember your previously selected preferences. These could include what language you prefer and location you are in. A mix of first-party and third-party cookies are used.
Advertising – Our Company uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed and information about your browser, device, and your IP address. Our Company sometimes shares some limited aspects of this data with third parties for advertising purposes. We may also share online data collected through cookies with our advertising partners. This means that when you visit another website, you may be shown advertising based on your browsing patterns on our website.
How to manage cookies
You can set your browser not to accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.
LINKS TO OTHER SITES
We does not work with anyone under the age of 18 ("Children").
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
How to contact us
Email us at:firstname.lastname@example.org
Or call us: +44 (0) 07503 817 397
How to contact the appropriate authority
Should you wish to report a complaint or if you feel that Our Company has not addressed your concern in a satisfactory manner, you may contact the Information Commissioner’s Office.