Phoenix Therapy Practice respects your right to privacy and confidentiality. The manner in which we collect, process, store and safeguard information including client records is in line with the new EU regulations of May 2018.

For further information regarding General Data Protection Regulations (GDPR) please visit below pages:

• UK Data Protection Act 1988 (DPA)

• EU Data Protection Directive 1995 (DPD)

• EU General Data Protection Regulation 2018 (GDPR)

If you wish to learn more about what this means for you please visit www.ico.org.uk/for-the-public/.

Phoenix Therapy Practice is a not for profit community interest company offering a range of counselling and therapies. Our practitioners and staff are aware of the privacy regulations and responsible for the safeguarding of all data collected.

Our website, www.phoenixtherapypractice.co.ukhas a privacy notice which is published and made accessible to all who visit it.

Data Collection:

As a part of our day to day activity, and to be able to offer the best possible service, we obtain, process and retain below data from our service users:

Personal Data

Name & Surname, Date of Birth, Address, Telephone Numbers, E-mail address

GP Details

Availability

Current issues leading to seeking counselling services

Ethnic Origin, Gender and Sexual Orientation

Medical and Psychiatric Conditions

Therapy History

Emotional and Psychological issues

Relationships: parents, siblings, children, partners

• Data Retention:

All personal and confidential data is stored, maintained and retained in accordance with the principles of the Data Protection Act 1998 and the new EU regulation changes. We only keep data for as long as we need and then 7 years after last contact, in order to offer you best performance of your contract, as long as we have your consent.

Data is treated strictly confidentially and is stored within the premises of Phoenix Therapy Practice.

We take diligent steps to keep your data secure: our client records are electronically stored, coded with numeric and alphabetical codes, encrypted and password protected. Our Wi-Fi access is password protected and not accessible to public or third parties. Our passwords are changed on a yearly basis.

• Data sharing:

Phoenix Therapy Practice will share the initial data we collect with appropriate practitioners, if we have your consent to do so. Consent is obtained in writing and retained with your personal data. Age restriction for personal consent is 16 in the UK. Parental/Guardian consent will be taken if an individual is below the age of 16. Your data will always be kept strictly confidential and will not be shared with third parties.

In case of not being given consent to do so, Phoenix Therapy Practice reserves the right to not offer counselling or therapy.

Due to the official authority vested in Phoenix Therapy Practice, if there is a risk of harm to one’s self or others, information regarding money laundering and terrorism, Phoenix Therapy Practice is obliged to contact relevant authority (e.g. Adult Social Care, GP) and share relevant information without consent from you.

• Rights of the Subject: (Clients, Practitioners, and staff)

The new regulations include provisions for the following areas:

1. 1. The right to be informed:Phoenix will publish a privacy notice on the website, in addition to explaining transparently to all service users and providers how they use this personal data.

1. 1. The right of access:Individuals have the right to demand details of any of their data that Phoenix may hold. This is called a Subject Access Request. This information must be requested in writing and provided within one month of request with no charge to the individual.

1. 1. The right to rectification:If a person’s data is incorrect or incomplete, they have the right to have it corrected. If Phoenix holds the information and has passed any of that information to third parties, Phoenix must inform the third party of the correction and inform the person which third parties have their personal data.

1. 1. The right to erasure:A person may request the removal of their personal data in specific circumstances. Phoenix reserves the right to reject these requests if there is lawful basis to retain this data.

1. 1. The right to restrict processing:Under certain circumstances, an individual can block the processing of their personal data.

1. 1. The right to data portability:A person can access their data for their own use.

1. 1. The right to object:A person can object to the use of their personal data for most purposes.

• The right not to be subject to automated decision-making including profiling.

There are lawful exemptions within the Act which may allow an organisation to refuse to comply with the subject access request, right to rectification and right to erasure where appropriate.

• Data breaches and breach reporting:

GDPR introduces a duty on all organisations to report certain types of data breach to the ICO, and in some cases, to individuals. Breaches that are likely to result in risk to the rights and freedoms of individuals if, for example it would result in discrimination, damage to reputation, financial loss, loss of confidentiality or any other significant economic or social disadvantage, any witness holds the right to report this breach to ICO. In case of high risk, individuals concerned directly must also be informed.

Phoenix Therapy Practice has the right procedures in place to detect, investigate and report personal data breaches. Any type of risk identified above must be reported to the DPO immediately for an investigation. Failing to report risk will result in liability.

Equalities: 

Phoenix Therapy Practice takes pride in being a safe and inclusive environment for all our clients and workforce. In line with The Equality Act 2010 we do not tolerate discrimination and/or micro-aggression on grounds of protected characteristics such as sex, gender, gender identity, marital status, sexual orientation, class, race, colour, nationality, religion, age, disability, HIV positivity– or any other grounds. Our clinical practice environment is designed to reflect our belief in equality and inclusion. We attempt to empower our client group and partners to act as champions of values against conscious and unconscious bias. We understand at Phoenix that “no-tolerance to discrimination” is not enough to achieve equality or support for all parts of the community. We are committed to values and behaviours that will achieve this by promoting diversity within the community, our workforce and partners. We aim to achieve and sustain this equality by establishing our practice with the valuable input and presence of under-represented groups, building in legislative requirements and best practice to all our service delivery and supporting these with appropriate training and guidance for the community and workforce. We will also be aiming to receive and make use of any feedback to improve and develop our service delivery. We are proud to have a diverse range of practitioners from some under-represented groups, and we will endeavour to improve on areas in which we are still under represented.