• Sign In

  • My Account
  • Signed in as:

  • filler@godaddy.com


  • My Account
  • Sign out

  • Home
  • Healing Companion
  • Work With Me
    • 90-Minute Sessions
    • Anxiety Reset Intensive
    • Betrayal Trauma Intensive
    • Becoming You Intensive
    • Fees
  • Brainspotting
  • Blog
  • About
    • About Sharon Nicholson
    • Qualifications & Training
  • Contact Me
  • More
    • Home
    • Healing Companion
    • Work With Me
      • 90-Minute Sessions
      • Anxiety Reset Intensive
      • Betrayal Trauma Intensive
      • Becoming You Intensive
      • Fees
    • Brainspotting
    • Blog
    • About
      • About Sharon Nicholson
      • Qualifications & Training
    • Contact Me

Signed in as:

filler@godaddy.com

  • Home
  • Healing Companion
  • Work With Me
    • 90-Minute Sessions
    • Anxiety Reset Intensive
    • Betrayal Trauma Intensive
    • Becoming You Intensive
    • Fees
  • Brainspotting
  • Blog
  • About
    • About Sharon Nicholson
    • Qualifications & Training
  • Contact Me

Account


  • My Account
  • Sign out


  • Sign In
  • My Account

Privacy Policy

Privacy Notice

Last updated: 13/06/2026

Data Controller: Sharon Nicholson (Therapist/Counsellor)

Email: sharon-nicholson@protonmail.com

ICO registration number: Z360090X


I take your privacy seriously. This Privacy Notice explains how I collect, use, and protect your personal information when you contact me, book sessions, or engage in counselling/therapy services.


I comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.


What information I collect

Depending on your contact with me, I may collect:

• Name, email, phone number, and address

• Date of birth

• Emergency contact details

• GP details (for emergency contact purposes)

• Information you provide about your wellbeing or reason for seeking therapy

• Notes and records related to therapy sessions

Some of this information may include special category personal data (health-related information).


How I collect information

I collect information when you:

• Contact me by email or phone

• Submit an enquiry via my website contact form (GoDaddy)

• Complete intake forms or questionnaires

• Sign therapy documentation electronically (SignRequest)

• Attend therapy sessions (online sessions via Zoom)


Why I use your information

I use personal information to:

• Respond to enquiries and manage appointments

• Provide counselling/therapy services

• Maintain appropriate client records

• Manage safeguarding concerns where necessary

• Take payment and manage practice administration


Lawful basis for processing

I process personal data under:

• Contract – to provide therapy services and manage appointments

• Legitimate interests – practice administration and record keeping

Where relevant, I process special category (health) data under:

• Article 9(2)(h) UK GDPR – provision of health or social care / treatment

• Schedule 1, Part 1, Paragraph 2 of the Data Protection Act 2018

Criminal offence data is only processed where necessary for safeguarding, legal obligations, or legal claims.


Confidentiality and disclosure

Information shared with me is treated as confidential and used only for the purposes set out in this notice. However, confidentiality may be broken without your consent where required by law or professional ethical obligation, including:

• Safeguarding children or vulnerable adults

• Serious risk of harm to yourself or others

• Court orders or other legal requirements

• Terrorism, money laundering, or radicalisation investigations

Where possible, I will discuss any disclosure with you beforehand.


How your information is stored

• Paper records are stored in a locked filing cabinet

• Digital records are stored on a password-protected device with full disk encryption

• Files may be individually password-protected where appropriate

• Access is restricted to the therapist only


Data breaches

I take appropriate technical and organisational measures to protect your personal information. In the unlikely event of a personal data breach, I will assess the risk to your rights and freedoms and take appropriate action. Where required, I will notify the Information Commissioner's Office (ICO) and, where there is a high risk to you, I will inform you without undue delay.


How long I keep your information

Client records are retained for 5 years after therapy ends in line with professional indemnity insurance requirements. Records are then securely destroyed.


Clinical will / contingency

In the event of my death or incapacity, a designated professional colleague will have access only client records foir the purposes of notifying clients, arranging continuity of care where appropriate, and securely destroying records in line with this notice.. They are bound by confidentiality and data protection obligations.


Third-party services (processors)

I use trusted third-party services to support my practice. These may process your personal data on my behalf:

• SignRequest – electronic forms and signatures (secure, encrypted, downloadable). By signing documents electronically via SignRequest, you consent to the processing of your personal data through this service: https://signrequest.com/privacy

• Zoom – online therapy sessions: https://zoom.us/privacy

• Proton Mail – used for email communication with clients, including correspondence relating to therapy. Proton Mail provides end-to-end encryption for emails sent between Proton Mail accounts, offering an additional layer of security for sensitive correspondence: https://proton.me/legal/privacy

• Stripe – payment processing: https://stripe.com/gb/privacy

• Starling Bank – banking: https://www.starlingbank.com/legal/privacy-notice/

• GoDaddy – website hosting and forms: https://uk.godaddy.com/legal/agreements/privacy-policy


Email marketing and newsletter

If you sign up to receive blog updates, a free resource or a digital product, your name and email address may be processed by MailerLite for the purpose of sending you related updates:

https://www.mailerlite.com/privacy-policy

You can unsubscribe at any time using the link provided in emails or by contacting me directly.

I do not sell or share your personal data for marketing purposes.


Digital products – third party providers

Purchases of digital products from this website are processed through Payhip Limited, a company registered in England and Wales (registration no. 08386910). When you make a purchase, your payment and personal data, including your name and email address, are processed by Payhip in accordance with their privacy policy:

https://payhip.com/privacy

Payments are processed securely through Stripe. I do not store or have access to your payment card details at any point during the transaction.

Your email address is collected by Payhip for the purposes of delivering your digital download and sending your purchase receipt. It will not be added to any mailing list without your explicit consent.

Where your information is processed outside the UK by any of the third parties listed above, those providers have their own safeguards in place (such as standard contractual clauses or adequacy decisions) to ensure your data continues to be protected to UK standards.


Electronic communication disclaimer

While I use secure services such as Proton Mail to protect emails in transit, no electronic communication (including email, online forms, or digital signatures) can be guaranteed to be 100% secure.

If you wish to communicate by email, I recommend opening a Proton Mail account, which provides end-to-end encryption. By sending or receiving information electronically, you acknowledge and accept this small inherent risk.


Cookies

This website uses cookies to help it function properly, improve user experience, and understand how the website is used.

• Strictly necessary cookies (needed for the website to function) are always active and do not require consent.

• Analytics cookies: I use Google Analytics to see which pages are most visited. This data is anonymous and aggregated, used only to improve the website and services. These cookies are only set if you click “Accept” on the cookie banner. If you click “Decline”, these cookies will not be set.

You can manage your cookie preferences at any time through the cookie banner or your browser settings.


Your rights

You have rights under UK GDPR, including the right to:

• Request access to your personal data

• Request correction (rectification) of inaccurate data

• Request erasure of your data (in some circumstances)

• Restrict or object to processing (in some circumstances)

• Data portability – request that data you have provided be transferred to you or another provider in a structured, commonly used, machine-readable format (this applies mainly where processing is based on consent or contract and carried out by automated means)

• Not be subject to a decision based solely on automated processing, including profiling, which produces legal or similarly significant effects

• Withdraw consent at any time, where processing is based on consent (this will not affect the lawfulness of processing before withdrawal)

• Make a complaint to the ICO

Not all of these rights apply in every circumstance – for example, portability does not generally apply to data processed under ‘legitimate interests’, and some rights are limited for therapy records held for legal or professional reasons. If a right does not apply to your request, I will explain why.

ICO website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/


How to complain

If you have any concerns about how I collect, store, use, or share your personal information, please contact me in the first instance so I can investigate.

Please contact me in writing at: sharon-nicholson@protonmail.com

I will acknowledge your complaint within 7 working days and aim to provide a full response without undue delay, and in any event within 30 days.

If you remain dissatisfied, you have the right to complain to the Information Commissioner's Office (ICO):

https://ico.org.uk/make-a-complaint/


Governing law

All Terms and Conditions are governed by and interpreted in accordance with the laws of England and Wales, and any disputes shall be subject to the exclusive jurisdiction of the courts of the United Kingdom.


Contact

If you have questions about this Privacy Notice, please contact:

Email: sharon-nicholson@protonmail.com



Copyright © 2018-2026 Sharon Nicholson - All Rights Reserved.


Copyright © 2018-2026  Sharon Nicholson - All Rights Reserved.

Offering online trauma therapy across the UK, including Weymouth, Dorset and surrounding areas.

Specialising in anxiety, relational trauma, Betrayal trauma, and narcissistic abuse recovery and traumatic bereavement — through the body, not just the mind.

The content on the website is for informational purposes only. It Is not intended as professional advice, treatment or diagnosis. Please seek appropriate qualified support from your healthcare provider where necessary. 

  • Healing Companion
  • Anxiety Reset Intensive
  • Betrayal Trauma Intensive
  • Becoming You Intensive
  • Anxiety & Overthinking
  • Traumatic Grief
  • Betrayal Trauma
  • Narcissistic Abuse
  • Brainspotting
  • Blog
  • Contact Me
  • Intensives T&Cs
  • Disclaimer
  • Online Trauma Therapy UK
  • Privacy Policy
  • Healing Companion T&Cs

Cookie Policy

This website uses cookies to help with site navigation and to understand how visitors use our site. Tracking cookies will only be set if you click 'Accept'. You can click 'Decline' if you do not wish to allow these cookies. Please see our Privacy Policy for further information about cookies and how to manage them.

DeclineAccept & Close