For Psychotherapy, Coaching And Leadership Retreats
Last updated: January 31, 2025
I always aim to respect your privacy, keep your personal information safe and secure, and aim not to infringe upon your human rights and freedoms. However, legislation on data protection has come into force from Friday 25th May 2018 called the GDPR.
Introduction
At Eudaimonic Therapy and Coaching we are committed to protecting your privacy and handling your personal information with the utmost care. We comply with the GDPR (General Data Protection Regulation) to ensure your rights are respected.
What is the GDPR?
The GDPR provides greater transparency and control over how your personal data is handled. It gives you rights regarding the collection, storage, and use of your personal information.
Why Do We Collect Your Data?
To support you effectively in therapy, coaching, or workshops, we may collect the following information:
- Personal details: Name, address, date of birth, gender, contact information
- Health information: Relevant physical or mental health conditions, therapy goals
- Risk assessment data: Suicidal thoughts, self-harm intentions
- Session records: Activities, assessments, treatment notes
This data allows us to offer personalized support and ensure compliance with professional and legal requirements, including insurance protocols.
How Do We Collect Your Data?
Data may be collected during the initial assessment and ongoing sessions, either in-person or virtually. We use secure systems, such as the Power Diary telehealth platform, to store and manage session information.
Website and Tracking
Our website https://eudaimonic.co.uk uses Google Analytics for website traffic analysis. We do not have access to your IP address, but Google does track it. You can disable cookies in your browser if you prefer not to be tracked.
How Do We Store Your Data?
- Paper records are stored in a locked filing cabinet.
- Digital records are stored securely in the Power Diary system and backed up in the cloud via Microsoft.
- Email and text communication are stored only on my personal, password-protected devices.
Client records are retained for up to 6 years. Financial records are kept for 5 years, after which they are securely destroyed.
Access to Your Data
You have the right to request a copy of your personal data, known as a Subject Access Request. To do so, contact us at [email protected]. We will respond within one month and provide your data at no cost, unless the request is complex. If a fee applies, you will be notified.
Amending Your Data
If any of the data we hold is incorrect, you can request corrections, and we will make necessary amendments promptly.
Sharing Your Data
We will not share your personal data with third parties without your explicit consent, except in the following cases:
- If we have concerns about your safety (e.g., suicidal or self-harm risks)
- If required by law or a court subpoena
- If disclosure is necessary to protect others’ safety
How Long Do We Keep Your Data?
We retain client records for 6 years, after which they are securely destroyed (paper records shredded, digital records deleted). Financial information is retained for 5 years for tax and legal purposes.
Your Rights Under the GDPR
- Right to be Forgotten: You can request your data be erased at any time, subject to certain legal exceptions.
- Right to Object: You can object to how your data is processed, though this may impact the continuation of therapy or coaching due to legal or insurance requirements.
Data Breaches
In the event of a data breach that puts your privacy at risk, we will inform you within 72 hours, as required by law.
Questions or Concerns
If you have any questions about this policy or your personal data, please contact us at [email protected]. You can also visit the Information Commissioner’s Office (ICO) website at https://ico.org.uk for further guidance.