Signpost Logo

Helping young people find their voice

Menu

PRIVACY NOTICE (CLIENTS)

INTRODUCTION

Under data protection legislation, we need to tell you what data we collect about you and what we intend to do with it. This data protection Privacy Notice sets out how we collect, process and protect your data.

If there is any specific data that you do not want us to keep, please let us know. However, this may affect our ability to offer you an appropriate counselling service.

THE LEGAL BASIS ON WHICH WE COLLECT YOUR DATA

When you use our website or otherwise provide data informally, the data is collected and processed based
on your having given Consent. You can withdraw your consent at any time, and we will delete your data.

When you start counselling or book an event, we enter a contract to deliver a service. Data is then collected
and processed on the basis of Contract and/or the Provision of Health Care.

HOW WE OBTAIN YOUR DATA

In most cases, the data we process is obtained directly from yourself. If a third party referred you, they might
have given us some information about you. The information would typically include your name, contact
details and your relationship to the referrer. However, we have no control over the information they supply.
Additionally, when you use our website, we receive some information, such as your IP address and browser
details.

THE DATA WE KEEP AND HOW WE USE IT

Here we list the data we might keep about you. It is impossible to have a comprehensive list, and we do not
keep all this information for every client. We only record, and save the information we need.

Name, age and date of birth: this helps us get to know you and identify you.

Relationship status, partner’s name and age and how long you been in this relationship: this information
helps us understand your current domestic situation.

Address, email address, phone number(s): We need this information to contact you.

Doctor and emergency contact details: We have a duty of care towards you and, sometimes, might need an
emergency contact. We also might need to contact your GP if, for example, you were at risk of serious harm.
Except in the most exceptional circumstances, we would contact no one without your prior knowledge and
consent.

Employment, living situation and support: We use this information as part of our client assessment process,
helping us deliver the best service.

School/employer/agency details: We collect this information where a third-party is paying so we can invoice
them for the work we do.

Parents, siblings and children: We often need to know something of your background as part of the
assessment process.

Broader familial information: Sometimes, we need more extensive family information. This information is
necessary to understand the client’s world and, potentially, for child/vulnerable adult protection purposes.

Assessment forms/scores: We might use assessments as an audit of the effectiveness of our work as part of
the assessment process.

Session notes: Counsellors keep brief, factual notes as a record of your work together.

Recordings of sessions: Sometimes, we might record a session as a record of our work together or for use in
clinical supervision and professional development.

Correspondence: We might store copies of any communication as part of your clinical notes.

Referral information: We need to keep third-party referral details for invoicing purposes. We might use
some referral information as part of your initial assessment.

Appointment/attendance/fees: Appointment, attendance and payment details are required for scheduling,
reporting, invoicing and accounting purposes.

CCTV: We have CCTV protecting the premises. We rarely access the recordings. We do not use facial
recognition.

IP address and metadata: When you use our website, we receive and process your IP address and data
about your device and web browser. We need this information to deliver the website.

Cookies: Cookies are used to make parts of our website work and for website tracking and analytics.

SHARING YOUR DATA

We will never sell your data or use it for any purpose we have not agreed.

We might share your essential contact details and appointment times within our organisation so we can
contact you in an emergency.

We might also share information:

  • if you disclose information related to terror or terrorist activities
  • if you or anyone you identify to us is at serious risk of significant harm
  • in clinical supervision
  • as explicitly directed by a court order or coroner request
  • according to your explicit, written instruction
  • to invoice for our work (reference and attendance information only)
  • in a discharge/progress report, if required, and with your consent

We would only share the minimum necessary information. Where possible, we would get your explicit
consent before sharing any data.

HOW WE WILL STORE YOUR DATA

We store all physical documents in a locked filing cabinet and electronic records in an encrypted computer
system.

HOW LONG WE STORE YOUR DATA AND HOW WE DISPOSE OF IT

We keep session notes and contact details seven years after our last contact (or seven years after you turn
18, whichever is longer). We destroy any audio, video and similar recordings after three months.

We destroy all records by physical or electronic shredding or similar methods of secure destruction.

DATA ACCESS

You may request access to any data we hold about you. Please make any request by email to
[email protected] or by post marked ‘private and confidential’ to:

The Data Protection Officer
Signpost Counselling
St Mary’s Churchyard
Watford WD17 2BE

We will respond to any valid request within 28 days of receipt.