top of page

Privacy Policy September 2023

​

1. Introduction

1.1    I am committed to safeguarding the privacy of my website visitors and clients.

1.2    In this policy, "I", "me" and "my" refer to Annelise Garnier.

2. How I use your personal data

2.1. Offline data

 I may process personal data. This includes your name, email address, phone number and an emergency contact (“personal data”). The source of this data is the information that you supply to me on the client information sheet which you will fill in if/ when we first start working together.  This data may only be processed for the purposes of providing you with counselling and therapy service, including contacting you about appointments. I will not contact you nor use your personal data for any other purpose. If we decide not to begin working together or decide to stop working together this data will be deleted immediately. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.        

2.2. Online Data

I process online data which I receive through the usage of my website, through you contacting me via email, my website and through directories I am listed in, and through the online processing of payments.  

2.2.1 I may process data about your use of my website and services ("usage data"). My website is hosted by Wix. Wix uses cookies to collect personal data when you visit my website, it analyzes the data in a de-personalized form. Therefore your personal data remains confidential when you visit the website.

The source of the usage data is google analytics. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is my legitimate interests, namely monitoring and improving my website and services.

2.2.2 I may process information contained in any enquiry you submit to me regarding a request to use the services I offer ("enquiry data"). The enquiry data may only be processed for the purposes of offering counselling and psychotherapy services to you in exchange for money. 

2.2.3 I may process information relating to transactions, including purchases of counselling services ("transaction data"). The transaction data may include your contact details, your card details and the transaction details. The transaction data may be processed for the purpose of supplying the purchased service, receiving payment for the purchased services and keeping proper records of those transactions. My bank statements are stored securely in a password-protected account. 

 3. Disclosing your personal data to others and disclosing others personal data

3.1    On occasion you may request that I disclose your information to third parties, for example for the purpose of writing letters confirming details of our work together. As part of our work in sessions, I will work with you to ensure that you are satisfied with the wording of such correspondence is fully agreed with you. I am also able to password protect these documents if this is helpful to you.

3.2    In addition to the specific purposes for which I may process your personal data set out in Section 3, unless requested to do so by you I will only disclose your personal data where such processing is necessary for compliance with a legal obligation to which I am subject, or in order to protect you or another person, including children, from immediate, significant and lasting harm. I would make every effort to obtain your consent before doing so if possible, the only exception being if obtaining your consent would put yourself or another person involved at greater risk of harm. 

3.3    Please do not supply any other person's personal data to me, unless I prompt you to do so.

4. Retaining and deleting personal data

4.1    This Section 4 sets out my data retention policies and procedure, which are designed to help ensure that I comply with my legal obligations in relation to the retention and deletion of personal data.

4.2    Personal data that I process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

4.3    I will retain your data as follows:

(a)    website usage data will be retained for a minimum period of 30 minutes following the date of collection, and for a maximum period of 2 years following that date. 

(b)    In the event that you enquire about therapy but do not decide to enter into therapy, your enquiry data (e.g. email threads) will be deleted as soon as possible after you have informed me you do not wish to proceed with therapy and I will not hold any records for you. In the event that you enquire about therapy but do not confirm whether you wish to proceed with therapy, I will delete any such data that is more than one month old on a quarterly basis (meaning that I could potentially hold your data for 4 months, at a maximum)

(c)    In the event that you enquire about therapy and do decide to enter into a therapy contract with me, your enquiry data (e.g. email threads) will be held as correspondence between us so long as we have a therapeutic contract together. In the event that we terminate this contract, I will archive these emails (meaning that they will not be visible in my inbox) and they will be held for a maximum of two years after the therapeutic relationship has ended, in line with my insurance requirements.  

(d)     Transaction data will be retained on bank statements for 7 years. My bank statements are held securely in a password-protected account.

5. Working Online

The Information Commissioners Office have approved Zoom for online therapy (provided clients give their consent), whilst noting that these platforms add an element of information insecurity beyond the control of both therapist and client.

Please take this into consideration when deciding if you would like to engage in therapy using this platform.

 6. Data Storage

6.1 I store my client information sheet and contract.

I also make an initial assessment and brief, anonymised notes after each of our sessions. These are necessary to support our work together.

(a) The client information sheet and contract and

(b) the initial assessment and notes

will either be stored securely in paper form (locked away) and/or in electronic records (stored in password-protected files).

The documents under (a) and those under (b) are kept separately from each other to avoid the possibility of a data breach where personal details and notes were matched up.

 6.2 All data that is collected is subject to the strict rules of confidentiality laid down by Acts of Parliament, including the Data Protection Act 2018 and the General Data Protection Regulation (GDPR).

In line with my insurance requirements, if the client is aged over 18 I will keep their records for 2 years from the date of their last session.  If the client is aged under 18 I will keep the records for 2 years from the date when they reach 18.  If the client is suffering from any mental incapacity rendering them unable to make decisions for themselves, I would keep the records for 5 years from the date when they were deemed to be capable of making their own decisions. In practice, this could mean I would need to keep these records indefinitely.

6.3 I also carry a paper diary to keep track of appointments. In this, I record only coded client details alongside appointment times.

7. Your rights

7.1    In this Section 7, I have listed the rights that you have under data protection law.

7.2    Your principal rights under data protection law are:

(a)    the right to access - you can ask for copies of your personal data;

(b)    the right to rectification - you can ask me to rectify inaccurate personal data and to complete incomplete personal data;

(c)    the right to erasure - you can ask me to erase your personal data;

(d)    the right to restrict processing - you can ask use to restrict the processing of your personal data;

(e)    the right to object to processing - you can object to the processing of your personal data;

(f)     the right to data portability - you can ask that I transfer your personal data to another organisation or to you;

(g)    the right to complain to a supervisory authority - you can complain about my processing of your personal data; and

(h)    the right to withdraw consent - to the extent that the legal basis of my processing of your personal data is consent, you can withdraw that consent.

7.3    These rights are subject to certain limitations and exceptions. You can learn more about the rights of data subjects by visiting https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.

7.4    You may exercise any of your rights in relation to your personal data by written notice to me, using the contact details set out below.

7.5   For more information you can contact the Information Commissioners Office at ico.org.uk or on 0303 123 11 13.

8. About cookies

8.1  A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

8.2  Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

8.3  Cookies do not typically contain any information that personally identifies a user, but personal data that I store about you may be linked to the information stored in and obtained from cookies.

9. Cookies used by my service providers

9.1 My website, which is hosted by Wix, uses cookies and similar technologies, which are small files or pieces of text that download to a device when a visitor accesses a website or app. 

These functional and required cookies are always used, which allow Wix, our hosting platform, to securely serve this website to you.

These analytics and performance cookies are used on this site, as described below, only when you acknowledge our cookie banner. We use analytics cookies to view site traffic, activity, and other data.

10. Managing cookies

10.1  Most browsers allow you to refuse to accept cookies and to delete cookies. 

10.2  Blocking all cookies will have a negative impact upon the usability of many websites.

10.3  If you block cookies, you will not be able to use all the features on my website.

11. Amendments

11.1  I may update this policy from time to time by publishing a new version on my website.

11.2  I will notify current or potential clients of significant changes to this policy by email.

12.    Business details

12.1  This website is owned and operated by Annelise Garnier, and hosted by Wix.

12.2  Annelise Garnier Counselling is registered with the ICO under registration number C1388052.

12.3  My principal place of business is at 17 Beach Street, Herne Bay CT6 5PW

12.4  You can contact me:

(a)    by telephone, on 07387 837887; or

(b)    by email, using annelisegarniercounselling@gmail.com

​

Please be aware that in agreeing to proceed with therapy with me you acknowledge your acceptance of this policy. 
bottom of page