General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union that comes into effect from 25 May 2018. This document explains how Ines Perrin uses any personal information she collects about ‘you’ as patient or when using her website.
It is assumed that by engaging with the service your are consenting to records being kept.
Ines Perrin is the data controller for Ines Perrin Psychological therapy service.
Reasons for collecting and processing information about you
Ines Perrin may collect information about you because you are a patient of hers. She processes the data because it is in her legitimate interests as clinical psychologist to do so. As a psychologist, she needs to see and analyse documents containing this information to provide her expert advice, to carry out an assessment or to deliver psychological intervention.
What type of personal data is collected and processed
Ines Perrin will collect information about you that may include personal or sensitive information, such as:
– Personal information: name or given name, family name or surname, address, telephone numbers, date of birth, gender (or preferred identity), age, relationships and children, occupation, telephone/SMS number, email address, GP or psychiatrist contact details;
– Sensitive information: medical conditions (if relevant), prescribed medication, psychological history and current difficulties, sexuality, financial information,
– Sensitive personal data: signed therapy client agreement, therapy records (therapist notes, letters and/or outcome measures).
To make sure that you are assessed and/or treated safely and appropriately, Ines Perrin records your personal information, as well as all contacts you have with her such as appointments.
Ines Perrin will also process personal data pursuant to her legitimate interests in running her business such as invoices and receipts, accounts, VAT and tax returns.
Web access collection of information
When you complete an online contact form Ines Perrin will collect information about you and your internet protocol (IP) address. This is automatically supplied by the website software used to offer the form. Ines Perrin always tries to minimise the amount of personal information that she requires to provide a specific service or feature. The web services used by Ines Perrin is encrypted and GDPR compliant.
How your personal information is stored
Ines Perrin takes your privacy very seriously. She is committed to taking all reasonable steps to protect any individual identifying information that you provide to her. Once we receive your data, she makes best efforts to ensure its security on our systems. All personal information provided is stored in compliance with EU General Data Protection Regulations rules.
How long your personal information is stored for
Ines Perrin does not keep your data for longer than is necessary. Basic contact information to set up an initial appointment such as your contact details, your availability or other personal relevant information will not be held for more than four weeks unless we meet for a first session. If you start therapy, all personal data and therapy records will be retained for a period of 7 years in accordance with the guidelines and requirements for record keeping by The British Psychological Society (BPS; 2000) and The Health and Care Professions Council (HCPC; 2017) and then destroyed.
What we do with your personal information
Ines Perrin takes your privacy seriously. We will only use your personal information to provide the services you have requested. If you do not provide the personal information requested, then she may be unable to provide a therapy service to you.
How your personal information is used
Ines Perrin uses the information she collects to provide her service to you as a psychologist and send you information about your appointment.
Who we might share personal information with
Ines Perrin holds information about her patients and the therapy they receive in confidence. However, in exceptional circumstances, she might need to share personal information with relevant authorities:
- When there is need-to-know information for another health provider, such as your GP or your psychiatrist but this will be discussed with you and done with your written consent.
- When disclosure is in the public interest, to prevent a miscarriage of justice or where there is a legal duty, for example a Court Order.
- When the information concerns risk of harm to the patient, or risk of harm to another adult or a child.
What she will NOT do with your personal information
She will not share your personal information with third-parties for marketing purposes.
How is ensured the security of personal information?
Personal information is minimised in phone and email communication. Sensitive personal data will be sent to clients in an email attachment that is encrypted and password protected.
Personal information is stored on file and on a computer owned by Ines Perrin. These are locked in a secure location and password protected. Malware and antivirus protection is installed on all computing devices. Mobile devices are protected with a passcode/thumbprint scanner, mobile security and antivirus software. Whilst Ines Perrin endeavour to keep all systems and communications protected against viruses and other harmful effects, she cannot bear responsibility for all communications being virus free.
Ines Perrin is committed to protecting your rights to privacy which include:
- Right to restrict the processing of your personal data
- Right to object to the processing carried out based on our legitimate interest
- Right to be informed about what is done with your personal data
- Right to be forgotten and your personal data destroyed
- Right to get your personal information corrected if it is inaccurate or incomplete
- Right to access the information held about you (this will usually shared this with you within 30 days of receiving a request-there may be an admin fee for supplying the information to you)
- Right to complain to a regulator (ICO) if you think that your psychologist has not complied with data protection laws
Ines Perrin reserves the right to refuse a request to delete a client’s personal information where this is therapy records. Therapy records are retained for a period of 7 years in accordance with the guidelines and requirements for record keeping by The British Psychological Society (BPS; 2000)  and The Health and Care Professions Council (HCPC; 2017) .
Ines Perrin’s ICO registration number is ZA310963
More information can be found at the following weblink: