The Counselling Hut is committed to complying with the terms of the General Data Protection Regulation (GDPR) and to the responsible and secure use of your data. The Counselling Hut has a legitimate interest in processing personal data to provide counselling services.

The purpose of this statement is to let you know what personal information The Counselling Hut collects and holds, why I collect this data, how long it is stored for and your rights over your personal data. The Counselling Hut is registered with the Information Commissioner's Office (ICO), reference ZB182301.

1. Information about you

1.1 I collect personal information from you when you enquire about our counselling services to set up an initial appointment. This information includes contact details, your availability and other relevant personal information. Once a client finishes counselling, all data regarding their counselling is stored securely for 7 years and then destroyed.

1.2 When you enquire about counselling we ask for contact details and relevant personal information from you that is needed to answer your enquiries and to keep you informed.

2. Our use of this information

2.1 Your data will be used only to provide you with my services and to give you information relating to my services. I will not share your details with any other person or organisation without your knowledge and permission unless there is a legal requirement as stated in the counselling contract. A breach of confidentiality is when a person shares information with another in circumstances where it is reasonable to expect that the information will be kept confidential.

2.2 Your data will be stored on a client record management database called Kiku. As data processor, they are fully GDPR compliant and are registered with the Information Commissioner’s Office (ICO), reference Z160546X. The website and administration system is secured with RSA 256 bit SSL encryption, which means that your data is encrypted when both processed and stored. Access to Kiku is both password and two-factor authentication protected to ensure that the personal information they process and store remains safe and secure. Kiku is hosted on AWS Ireland Servers which adhere to strict and robust security measures. Details on their GDPR can be found on the link Fully GDPR compliant practice management system | We Are Kiku. Their privacy notice is available here: Privacy policy for our practice management system | We Are Kiku

3. Security

3.1 I will take all reasonable precautions to prevent the loss, misuse or alteration of information you give us.

3.2 Communications in connection with this service may be sent by email. For ease of use and compatibility, communications will not be sent in an encrypted form unless you require it and give me permission to communicate with you in that way. Email, unless encrypted, is not a fully secure means of communication. Whilst I endeavour to keep our systems and communications protected against viruses and other harmful effects, we cannot bear responsibility for all communications being virus-free.

4. Your rights over your personal data

4.1 If you would like to see the information we hold about you, or would like to correct, update or delete any records, please email me at thecounsellinghut@gmail.com. If you have any concerns about our use of your data, please contact me directly at thecounsellinghut@gmail.com. I will do our utmost to resolve any concerns you have. If for any reason I cannot resolve the issues you may choose to contact the ICO directly.