Privacy Policy

---

Anita McKenna, owner of Reflective Therapies, is committed to protecting and respecting your privacy.
 

This policy states what happens when you contact me via my website, by  email, by phone, and when you decide to enter into a therapeutic  contract with me.
 

Please read carefully and ask any questions on our first session or via email.
 

My website is straightforward and the only place data from you  will be collected is through the contact form – which is SSL protected  so fully encrypted, as is the rest of my website.  If you do decide to come to therapy with me, then I will also hold your personal data in the form of a Confidential Information form attached to our Counselling Agreement, as an agreement of the terms and conditions of  the therapeutic relationship.
 

This policy, therefore sets out the basis on which any personal data I  collect from you, or that you provide to me, will be processed by me.  Please read the following carefully to understand my views and practices  regarding your personal data and how I will treat it. By visiting www.reflectivetherapies.co.uk you are accepting and consenting to the practices described in this policy.

For the purpose of the Data Protection Act 1998 (the Act) (soon to be  General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679)) ,  the data controller is Anita McKenna (address available on request).
 

Secure Storage
Your details will be stored and kept securely and confidentially in a  safe filing system (in a locked filing cabinet) and will be destroyed at the end of our work together.
 

Information I may collect from you
I may collect and process the following data about you:
• Information provided by you.
• You may provide information about yourself by filling in forms on this website or by corresponding with me by phone or email, and other.
• This includes information you provide when you send a message through my contact form or if you report a problem with my site.
• The information you provide may include but not limited to your name, address, e-mail address and phone number.
 

Information I collect about you.
• NOTE: My website is hosted by GoDaddy, and they have informed me that my website won’t collect any other data from you but the data found on  my contact form. Nevertheless, in their privacy policy, they state that this is the type of information they might collect:
• technical information, including the Internet protocol (IP) address  used to connect your computer to the Internet, your login information,  browser type and version, time zone setting, browser plug-in types and  versions, operating system and platform;
• information about your visit, including the full Uniform Resource  Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times,  download errors, length of visits to certain pages, page interaction  information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
• Information we receive from other sources.
• We may receive information about you if you use any of the other websites we operate or the other services we provide. We are also  working closely with third parties (including, for example, business  partners, sub-contractors in technical, payment and delivery services,  advertising networks, analytics providers, search information providers,  credit reference agencies) and may receive information about you from  them.
 

Uses made of the information
I use information held about you in the following ways:
• Information you provide, and information I collect about you.
• I will use this information to carry out my professional and  contractual obligations during out work together. This includes:
• Contracting and ensuring the terms found in the contract are upheld by both parties.
• In case of emergencies or where disclosure might be necessary – I will  contact your GP or next of kin in these cases, with your knowledge and  consent UNLESS it is a case of terrorism, drugs trafficking or money laundering, which by law I must report without the need for consent.
• Information I receive from other sources.
• This might only be the case when referred by EAPs or other third parties. The data will be handled safely as above.
 

Disclosure of your information
I will not share your personal information with anyone else, unless there is a duty to disclose in order to comply with any legal obligation  (terrorism alerts, money laundering).

The only other person involved in your case – only your first name will  be known to them, or if you choose to be anonymised further, initials or  aliases can be used – will be my Supervisor, who is held by the same  privacy, data protection and confidentiality clauses as described here  and in my contract.
 

Where I store your personal data
The data collected will be kept in a locked filing cabinet and will be destroyed at the end of our work together.

Access to information
The current Act gives you the right to access information held about  you. Your right of access can be exercised in accordance with the Act.
 

Your rights
You have the right to let me  know whether you want to change how I use your data.

Right to Access
You have the right to ask for a copy of your personal information, free  of charge, in an electronic or paper format. You also have the right to  ask me to amend or change any incorrect information about you.

Right to be forgotten
You have the right to ask me to delete any information that I hold about  you, including personal information that is no longer relevant to original purposes – for example when our therapeutic relationship has ended or if you wish to withdraw consent. In all cases and when  considering such requests, these rights are obligatory unless it’s  information that I have a legal obligation to retain.

Data Portability
You have the right to receive your personal information as previously  provided, and to transfer this information to another party.
 

***If you follow a link from my websites to any other websites, do have a look at their own privacy policies, for your information and security.***
 

If you have any questions or comments, please use the contact form provided.
 

Cookies
 

I don’t hold any data in regards to cookies, but GoDaddy (host for www.reflectivetherapies.co.uk)  might still collect them without my direct knowledge. As mentioned above, the representative I have spoken to at GoDaddy has assured me  that my website doesn’t collect any data apart from the encrypted  contact form.