Privacy Policy 

Data Controller: Nicola Townsend

Basis for Holding and Processing Personal Data

As part of our counselling contract, I will collect and process personal data about you — including sensitive personal information — almost always provided directly by you. Under the Data Protection Act 2018 (incorporating the UK GDPR), you have specific rights concerning how your data is held and used.

I am responsible for ensuring that your personal data is processed lawfully, fairly, and securely. I only collect and use your data in order to provide counselling services as agreed between us.

What Data I Hold

I may hold the following types of personal information:

Your name and contact details (e.g. phone number, email address)

Records of our appointments

Our signed counselling contract

Payment information for accounting purposes

Please note that I do not keep clinical notes unless  carrying out work for EAPs in which case the notes are stored by the EAP company concerned

Confidentiality and Third Parties

Your information is treated in strict confidence. I do not share, sell, or use your data for marketing or group communication purposes. Any communication with you is done individually and privately.

There are very limited circumstances under which I may need to break confidentiality, as outlined in our counselling contract. These include:

If I believe you are at serious risk of harming yourself or others

If I am required by law or a court order

If you request an onward referral and consent to information sharing

In such cases, I will aim to share only the minimum information necessary, and where possible, I will discuss this with you first.

Supervision

As required by the National Counselling and Psychotherapy Society (NCPS) Code of Ethics, I attend regular clinical supervision. In supervision, I may discuss aspects of our work to ensure I’m providing you with the best possible support. However, clients are referred to by first name only, and no identifiable information is disclosed. My supervisor is also bound by strict confidentiality and professional ethics.

How Your Data Is Stored

Your personal information is stored securely:

Paper records are kept in a locked cabinet.

Any electronic communication is stored using password-protected systems.

Retention and Deletion

I retain your records during the time we are working together and for three years after the end of our work. This is to allow for continuity if you return to therapy, and to comply with professional and legal requirements. After that time, all records will be securely destroyed or permanently deleted.

You have the right to request that your data be deleted at any time, and I will comply with such requests unless I am legally required to retain it for a specific reason.

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.