I am committed to ensuring that your privacy is protected. Should I ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.
For the purpose of the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) - the data controller is Sharon Nicholson. ICO Registration no. Z360090X (Information Commisioners Office)
Data that maybe collected about you
You may give me information such as your name, address and contact information through filling in the form on this site or through correspondence by email, phone or otherwise.
I may also receive information about you from other sources such as Google Analytics.
Technical information such as your computer IP address, browsing type and information about your site visit such as URL, date and time, page interactions.
My site uses the following cookies:
Strictly necessary cookies that are required for the operation of my site.
Functionality cookies to help remember your preferences.
Analytic cookies that help recognise and count the number of visitors to my site.
Please note that some of my cookies are essential for my site to work properly.
The internet industry body, the Internet Advertising Bureau, has set up a website to provide information and advice on cookies: www.youronlinechoices.com/uk/. Another source which gives information about how to delete and control cookies is www.aboutcookies.org/.
I may provide links to other websites offered by third parties. I have no control of, and accept no liability for, their privacy policies and practices, or any breach thereof. I advise that you read the privacy policies of any other sites that you visit.
My website is hosted by GoDaddy and the server is based in the US. GoDaddy is covered by the US Privacy Shield, and this means that any information that may pass from the UK to the US, such as your IP address, is at an approved level of security. Please see https://www.privacyshield.gov/list for further information.
Website contact forms and email correspondence
My website has a secure SSL Certificate.
Information sent to and from my site is encrypted, so your data is transferred as securely as possible via the contact forms.
The transmission of information via the internet is not completely secure. Although I will do my best to protect your personal data, I cannot guarantee the security of your data transmitted to my site. Therefore, any transmission is at your own risk.
I use Protonmail when responding to website enquiries by email. Protonmail encrypts messages in transit by using TLS (Transport Layer Security).
Emails sent between ProtonMail accounts are automatically end-to-end encrypted, so if you wish to discuss sensitive information with me via email, I suggest that you open a free ProtonMail account to do so.
I cannot guarantee the security of emails sent or received by your email provider.
While emails are stored in my ProtonMail inbox, they are encrypted and unable to be accessed by ProtonMail or shared with third parties. Your email provider may keep a copy of the information that you have sent.
Emails that you send to me are deleted when action has been agreed or our work together has finished.
General Data Protection Regulation (GDPR) information for clients of Sharon Nicholson Counselling in Weymouth
What do I use your information for?
The information I collect about you is used as contact & emergency contact information, and in order to fulfil my professional and contractual obligations.
If you sign up to receive my blog posts and other information about my services by email, your email address will be retained for these purposes until you unsubscribe.
You are able to unsubscribe from my mailing list at any time.
Disclosure of your information
I maintain confidentiality in accordance with the British Association of Counselling and Psychotherapy (BACP) Ethical Framework for Counselling professions – this can be viewed at https://www.bacp.co.uk/events-and-resources/ethics-and-standards/ethical-framework-for-the-counselling-professions/
There are very few circumstances in which I would need to share your information:
If I have safeguarding concerns regarding either yourself, children, or other people that you are in contact with, I may need to share this information with other agencies.
I will endeavour to discuss with you in the first instance, but I retain the right to break confidentiality without prior consultation with you, should I consider that the urgency of the situation requires me to act immediately to safeguard the physical safety of yourself or others.
Any information shared will be proportionate and the minimum required.
Clinical Will - In the event of my death, or becoming incapacitated, a designated counselling colleague will have access to names and contact details of my current clients. This is to enable clients to be contacted and options of how to go forward maintaining wellbeing and safety will be discussed. My colleague follows the same confidentiality processes in line with GDPR.
I may have a legal obligation to share information if the courts order me to do so.
I have a legal obligation to report any information that relates to terrorism, money laundering and radicalisation.
I use Zoom as a third party provider in order to process your information.
Data Retention Schedule
Any personal and sensitive data collected is stored securely in line with GDPR guidelines.
After we finish working together, the information I hold about you will be appropriately destroyed after 5 years, in line with my insurance company policy.
I have a legal obligation to keep financial records for 7 years, for the purposes of tax returns.
Your rights under GDPR
You have the right to be informed.
You have the right to access the personal information that I hold about you.
You have the right to data portability. I will provide a copy of this information except in the limited circumstances in which I am permitted not to.
Requests will be processed within 30 days, and free of charge, unless manifestly unfounded or excessive. An admin fee will be charged if the request is excessive and this may take longer to process.
You have the right to request amendments to the personal information I hold about you that is inaccurate or out-of-date.
You have the right to erasure and I will take all reasonable steps to erase your information unless I need to keep it for legal, auditing or internal business purposes.
You have the right to restrict processing.
You have the right to object (not applicable to the lawful basis of legal obligation)
You have rights related to automated decision making.
It should be noted that the ICO says that these are not absolute rights https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
If I discover there has been a data breach of your personal information that could put you at risk, I will undertake to tell you, and the ICO, within 72 hours.
Complaints, questions and access requests should be addressed to Sharon Nicholson at
Sharon Nicholson Counselling, Weymouth, Dorset. Tel: 07984106004