Professional Counselling Agency
This Privacy Statement describes how our organisation collects and uses personal information. Service users should be aware that by contacting us, by using our services, and even by visiting our website, they are agreeing to be bound by this statement. Additionally: we may amend this statement from time to time by updating its contents. Service users are therefore advised to check this page from time to time to ensure that they are happy with any changes that have been made. Any queries about this Privacy Statement, or queries relating to the collection and management of personal data, may be directed to us via email:firstname.lastname@example.org.
Focus Counselling was established in 1999 and is now Bath’s largest professional Person Centred counselling charity – charity number 1108331. Founded in Bath, we opened in Frome in 2019, and are now also operating online: via Skype, Zoom and by telephone.
Focus Counselling is a Limited Company (number 04870759). Our registered address is:
Our Frome address is:
St. John’s Cottage
1 Church Steps
Focus Counselling is committed to promoting the physical, emotional, mental and spiritual health and well-being of our clients in Bath, Frome and beyond. We aim to transform people’s lives by providing a professional service that is trustworthy because it is confidential. We also want everyone to have access to our services, regardless of their financial situation. This is why we campaign to fund those clients who have a limited capacity to pay for their own counselling. We also raise funds to ensure that Focus Counselling is financially viable – so that we can continue to contribute to the communities in which we are based, and also the communities in which our clients are based.
At Focus Counselling, we are committed to protecting personal information so as to protect people’s privacy. We do this in accordance with the current legislation, that being theData Protection Act 2018, which is the UK’s implementation of the General Data Protection Regulation, known as GDPR. This regulation controls how personal information, known as personal data, is used by organisations within the European Union, and how it provides greater protection for all persons. We uphold this legislation not only to ensure that everyone within our organisation is acting lawfully, but to protect the interests of those we serve, particularly our clients. Based on the criteria set out in the GDPR, we do not need a Data Protection Officer, but we have appointed a Data Compliance Officer:Jayne Burgess, to aid us in the task of ensuring that we protect the interests of all data subjects and comply with regulations.
The Data Protection Act requires those responsible for using personal data to do so according to six data protection principles. Briefly, these ensure that information is:
- Used transparently;
- Used for specified, explicit purposes;
- Limited to only what is necessary;
- Accurate and up to date;
- Kept no longer than is necessary;
- Handled in a way that ensures appropriate security.
According to these principles, as the data controller, Focus Counselling is required to be open, honest and clear with all service users, known asdata subjects – right from the start – in respect of:
- Whyinformation is collected,
- What information is collected,
- Howinformation will be collected, and
- How information will be used
– in relation to the services we offer.
Why information is collected – itsspecified, explicit purposes– and how it is used:
- Identity data is collected so that we know how to refer to you, and also for communication purposes, as below.
- Contact/communication data is collected so that we are able to contact you. This is necessary for the service we provide; however, we are happy to liaise with you as to your chosen means of communication, whether that be email, or text, for example.
- Sensitive data is collected in order to aid us in the task of providing counselling services, including allocating the most appropriate counsellor, as well as providing an aide memoire for counsellors from one session to the next.
- Financial data is sometimes required in order to enable us to access appropriate funding for counselling services. It is your choice whether to provide such information, but refusing to do so may mean that we cannot deliver the service you would like us to provide.
What information is collected?
- Identity data, such as first and last names;
- Contact/communication data, including: postal address, email address and telephone numbers, together with the preferred method of communication;
- Sensitive data in respect of the client’s reason for seeking counselling, as well as other relevant details regarding their general and mental health; this includes medication, existing health conditions and any other factors deemed relevant to the service we provide;
- Financial data, which may include recent bank statements and aNational Insurance Number.
NB: The principle regarding data collection and usage beinglimited to only what is necessary, means that data that does not enable delivery of the service our organisation provides is neither collected, nor subsequently used and/or retained. Additionally, with regard to the principle that data should be kept for no longer than is necessary, this means that Focus Counselling does not retain personal data for clients who have completed their counselling, though if they express an intention to return to counselling at a later stage, or think they may return, this provides legitimate grounds for data retention. In the absence of such grounds, personal data is archived once counselling has ended.
How information will be collected:
Personal data is usually recorded electronically during initial contact with the client or service user, using a secure database management system, access to which is restricted to relevant personnel, via password. If it is not possible to access this system during the initial contact, information may be recorded on paper prior to transferring itto the electronic format at the earliest opportunity, after which, the paper version is shredded. Such information, together with sensitive data, may be acquired by telephone or during the initial face-to-face session.
It is usual practice for counsellors to keep notes in respect of counselling sessions, to assist them with the service they provide. The notes are stored electronically and archived after counselling has ended. Archived notes are permanently deleted after one year. The notes do not include the client’s name, or other identifiers. Clients have the right to see these notes and accordingly, counsellors are obliged to provide them upon request; this is achieved via a Subject Access Request, as explained below.
We may need toshare information about clients who we feel are at risk of harm. This is explained in our Counselling Contract which is covered during the initial counselling session, known as the ‘Intake.’ Briefly, it is considered defensible (and therefore good practice) to breach confidence, in good faith, in order to assist the prevention or detection of a serious crime. This is because a counsellor cannot be legally bound to confidentiality about a crime.In addition, In some situations, clients’ needs and/or the public interest may potentially outweigh the general duty of confidentiality – that need being a need to prevent serious harm to the client (or to others), for example.Accordingly, in a medical emergency, breaching confidentiality may be considered necessary to protect a person’s vital interests, as detailed in Article 9 (2) (c) of theRegulation (EU) 2016/679 of the European Parliament and of the Council. Other valid reasons for breaching confidentiality include: issues pertaining to national security, acts of terrorism, drug trafficking, and safeguarding in relation to children and vulnerable adults. NB: More information on the issue of confidentiality can be found on the BACP (British Association for Counselling and Psychotherapy) website, and specifically, their publication: ‘Good Practice in Action 014 (Legal Resource): Managing confidentiality within the counselling professions,’Section 4: Exceptions to the duty of confidentiality, pages 11 – 18.
At Focus Counselling, personal data management adheres to the principle of appropriate security, so as to prevent unlawful access. Accordingly, our organisation adheres to the following procedures:
- Our offices are locked when unattended/closed and accessible only via a code operated entry keypad, the code for which is available solely to members of our organisation.
- Office hardware, including PCs and laptops, is password protected.
- As stated above, personal data is stored electronically using a secure database management system, access to which is restricted to relevant personnel, via password.
What rights do you have over your data?
All data subjects have the right:
- To be informed about how their data is being used;
- To access and receive a copy of their personal data and other supplementary information. This is achieved via a Subject Access Request (SAR). SARs may be made verbally or in writing, including via social media and also by a third party. Organisations must respond without delay and within one month of receipt of the request, or within three months if the request is complex. The information should be disclosed securely and provided in an accessible, concise and intelligible format. Requests may be refused only if an exemption or restriction applies. In most circumstances, organisations are not permitted to charge a fee for responding to a Subject Access Request, however, there may be a charge if a lot of information is requested, or the request takes a lot of time and effort to process. Subject Access Requests should be made to Focus Counselling’s Data Compliance Officer: Jayne Burgess.
- To request that inaccurate information is corrected, either because it is wrong, or because it needs updating due to changed circumstances. Correction of inaccurate data requested by a data subject is actioned at the earliest opportunity and the subject informed once this has been achieved;
- To request the deletion of personal data;
- To stop or restrict the processing of their data;
- To data portability, which enables data subjects to obtain any personal data held by one organisation and reuse it, hence copying and transferring it from one service or environment to another;
- To object to how personal data is processed in certain circumstances;
- To lodge acomplaintwith the Data Protection Commissioner.
In respect of the above, service users should be aware that some of the above requests may result in us being unable to deliver the service being requested. However, if this is the case, our Data Compliance Office, Jayne Burgess, will explain it at the earliest opportunity.
If you are not happy with any aspect of the way we collect and use your data, we very much hope you will talk to us first. You can do this in writing, by telephone and by email, as below. We will always do everything we can to address your concerns. However, if, having discussed the matter with us, you are still unhappy, or if you do not feel you can raise the matter with us, you have the right to complain to the Information Commissioner’s Office and you can do this via their website:https://ico.org.uk/make-a-complaint/,or by telephoning them on 0303 123 1113.
To contact us:
Telephone: (01761) 434220
 ‘Good Practice in Action 014 (Legal Resource): Managing confidentiality within the counselling professions,’ Section 4: Exceptions to the duty of confidentiality (p. 11), BACP, available from: https://www.bacp.co.uk/media/6305/bacp-managing-confidentiality-legal-resource-gpia014-july2019.pdf.
Ibid, Section 4: Balance of public interest (a) (p. 11).