The General Data Protection Regulation (GDPR) is concerned with the personal information about you that we collect, store and share. This document details our GDPR policy. All associates of The Psychology Company are GDPR compliant, are considered joint data controllers and have their own individual GDPR Privacy Policies.
Personal Information We will Collect
As psychologists we will collect both personal and sensitive data. The reason we collect your personal information is to enable us to deliver psychological therapy. We collect information at the point of initial contact (which might be via email, website contact page or phone call) as well as during the initial assessment session and any subsequent therapy sessions. The information we collect may include the following;
- Date of birth
- Gender (or preferred identity)
- Telephone/SMS number/Whats App contact details (plus permission to send SMS and Whats App message and leave voice messages)
- Email address
- GP name and practice address
- Psychological therapy history including any current or historical psychiatric diagnoses.
- Medical conditions relevant to psychological therapy
- Prescribed medication
- Current psychological difficulties
- Historical psychological difficulties
- Lifestyle and social circumstances
- Risk information such as suicidal and self-harming history and alcohol and drug use
We have implemented measures to ensure your personal and sensitive data remains secure. Your information may be stored in the following ways;
- Paper; written notes which will include the initial email you sent or website contact sheet and therapy contracts. It may also include brief session notes if your psychologist keeps paper files. These will be stored in a locked filing cabinet.
- Google Cloud; brief session notes may be stored on my google cloud which is GDPR compliant. Your name will not be used within electronic session notes and will be saved by a non-identifiable code.
- Smartphone; we may store your contact information in our contacts but will use a non identifiable code rather than your name.
- Email/SMS/WhatsApp; your email address will be stored in an email account (currently G–Mail) should you wish to communicate via email. Your telephone number may be stored in SMS or WhatsApp should you exchange messages this way with your psychologist but will be stored via a non-identifiable code rather than your name. Electronic correspondence will also be held by the corresponding app (Gmail, Phone’s SMS, WhatsApp) all of which are GDPR compliant.
- Website; none of your personal information is stored on The Psychology Company website, other than to momentarily collect and send a contact sheet to the founders Gmail account for the purpose of making initial contact via that contact page.
- Dropbox; Should you and your psychologist wish to share documents via dropbox a shared dropbox account may be set up and all the information shared will be held by you, your psychologist and dropbox which is GDPR compliant.
- Zoom session recordings; If you are using Zoom for online psychological therapy sessions and would like your sessions to be recorded so you can listen to them again then a recording of the session will be saved within the zoom app on your psychologists computer and uploaded into your dropbox account immediately after the session. The recording will then be deleted from zoom and trash will be emptied immediately.
- Skype Answering Service; If you call The Psychology Company directly (rather than your individual psychologist), for example to make an initial enquiry and you leave a message then this message will be stored within The Psychology Company Skype account. Skype is GDPR compliant. As soon as the message has been listened to it will be immediately deleted.
- Electronic devices; All electronic devices (including computers, laptops and mobile phone) used to access stored information will themselves be password protected.