Comments

When you leave comments on my website, I collect the data shown in the comments form, and also your IP address and browser user agent string to help spam detection. An anonymised string created from your email address may be provided to the Gravatar service to see if you are using it. Gravatar’s privacy policy is available at https://automattic.com/privacy/. After approval, your profile picture is visible to the public in the context of your comment.

Contact forms

When you contact me through my contact form, no data is stored on the website. Instead the information is emailed to me at hello@alicetew.com. If you use this form, you will be consenting to me having your name, email address and any information you provide in your message. If you do not become a client, this information is deleted from my emails one calendar month after our last correspondence. If you do become a client, this information may be used to form part of our contract together and stored securely in order to complete my duties under our contract. I do not use information supplied through my contact form for marketing purposes.

Email enquiries

I use Gmail when responding to website enquiries, both from my contact form and direct emails. Gmail encrypts messages in transit using TLS (Transport Layer Security). If your email provider does not use TLS, the information you include in your email may not be secure. Google servers are based in the US. Google is covered by the EU-US Data Privacy Framework, which provides an approved level of data protection for transfers from the UK to the US. You can read more at https://www.dataprivacyframework.gov/.

Booking and client records

I use WriteUpp, a GDPR-compliant practice management system, to manage bookings and store client records. Bookings are made via SelectandBook, which is WriteUpp’s own booking platform. When you book a session, the information you provide is stored securely within WriteUpp. WriteUpp stores data on UK-based servers and is compliant with UK GDPR. You can read WriteUpp’s privacy policy at https://www.writeupp.com/privacy-policy/.

WriteUpp is used only for confirmed clients. It is used to store session notes, contact details and records relating to our therapeutic contract. This information constitutes special category health data under UK GDPR. My lawful basis for processing this data is the performance of a contract for the provision of healthcare services, and my legitimate professional obligations as a BACP Accredited therapist.

Client records are retained for seven years following the end of our therapeutic relationship, in line with BACP guidance. After this period, records are securely deleted.

Newsletter and email marketing

I use MailerLite to manage my newsletter subscriber list and send emails to subscribers. MailerLite is a third-party provider which may process your data using industry-standard technologies to help me monitor and improve my newsletter. MailerLite’s privacy policy is available at https://www.mailerlite.com/legal/privacy-policy. You can unsubscribe at any time by clicking the unsubscribe link at the end of any newsletter.

Cookies

This website uses cookies to help it work efficiently and to provide me with information about how people use my site. If you leave a comment on my site you may opt in to saving your name, email address and website in cookies for your convenience. These cookies will last for one year.

Embedded content

Articles on my website may include embedded content such as videos, images or articles. Embedded content from other websites behaves in the same way as if you had visited those websites directly and may collect data about you, use cookies and embed additional tracking.

Analytics

I use Google Analytics to collect anonymised data about website visitors including IP address, approximate location, pages visited, number of visits and device type. This helps me ensure my content is appropriate and engaging. Google’s privacy policy is available at https://policies.google.com/privacy.

Workbook downloads

I use FEACreate, which is built on the GoHighLevel platform, to deliver my free workbook and manage the associated mailing list. When you download my free workbook, the information you provide is processed by GoHighLevel, a US-based company. GoHighLevel’s privacy policy is available at https://www.gohighlevel.com/privacy-policy. Data transferred to GoHighLevel servers in the US is subject to standard contractual clauses as a safeguard for international transfers under UK GDPR. You can unsubscribe from this mailing list at any time by clicking the unsubscribe link at the end of any email.

I will never share your data with anyone unless

1. I am legally obliged to or
2. There is a legitimate interest for me to do so (such as a safeguarding issue) or
3. You have given me your consent to do so.

Website comment data is retained indefinitely. Contact form enquiries from non-clients are deleted one month after our last correspondence. Client records held in WriteUpp are retained for seven years following the end of our therapeutic relationship, in line with BACP guidance.

Electronically held data is held on a password protected laptop and smartphone protected by passcode and biometric security. WriteUpp uses encrypted, UK-based servers. Paper data is stored in a locked document file in a locked property. Data is deleted securely once it is no longer required.

In the event of a data breach I will report certain types of breach to the ICO within 72 hours of becoming aware of it. If the breach is likely to result in high risk to individuals I will also inform those individuals without undue delay. I keep a record of all personal data breaches regardless of whether notification is required.

Under UK GDPR you have the right to be informed, the right of access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object, and rights in relation to automated decision making. You can read more at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.

For any queries about my privacy policy and procedures, please email me at hello@alicetew.com