1.0 My Philosophy Regarding User Privacy And Data Protection
– User privacy and data protection are human rights
– I have a duty of care to the people whose data I collect
– Data is a liability. It should only be collected and processed when absolutely necessary
– I hate spam just as much as you do!
– I will never sell, rent or otherwise distribute or make public your personal information
2.0 Relevant Data Protection Legislation
This website is designed to comply with the following national and international legislation with regards to data protection and user privacy:
– UK Data Protection Act 1988 (DPA)
– EU General Data Protection Regulation 2018 (GDPR)
This site’s compliance with the above legislation means that this site is more than likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well.
3.0 Personal Information I Collect And Why I Collect It
Collection of personal information is as outlined below.
3.1 Site Visitation Tracking
Like a lot of websites, this site uses analytics to track user interactions. I use this data to monitor the number of people using mu site, to help to understand how they find and use my web pages, and to see their journey through the website.
Unlike a lot of websites I do not use Google Analytics. Instead, I use Microanalytics, a privacy focused website analytics provider, fully compliant with GDPR, PECR and CCPA.
Microanalytics doesn’t track you with your IP address, fingerprints or cookies. Nobody can be identified.
3.2 Contact Forms And Email Links
If you choose to contact us using any of the contact forms on this website or using an email link, none of the data that you supply will be stored by this website or passed to/be processed by any of the third party data processors detailed in section 5.0. Instead, the data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP).
3.3 Written Records
All written records are kept double locked at all times. Any clinical notes I take are anonymised so unidentifiable to anyone but myself.
3.4 Clinical Information
All clinical information about the content and process of psychotherapy is strictly confidential. The only exception to this is if I believe you are a danger to yourself or someone else, or if there is information about terrorism or money laundering that is brought to my attention at any point.
3.5 Appointment Enquiries
By making an appointment enquiry, you give implied consent for me to contact you via the details provided. All personal information and details are kept in accordance with the BACP Code of Ethics. Full details of my commitment to confidentiality and best practice are issued to every client prior to a first meeting in my Disclosure Statement. A copy of this is available on request to any current or former client at any time.
4.0 About This Website’s Server
This website is hosted by Stablepoint within a UK data centre located in London.
More details of Stablepoint’s technology can be found Stablepoint’s website.
All traffic (transfer of files) between this website and your browser is encrypted and delivered over HTTPS.
5.0 My Third Party Data Processors
I use the following third parties to process personal data on my behalf:
– Fathom Analytics (Privacy policy)
– Gravatar (Privacy policy)
These third parties have been carefully chosen and all of them comply with the legislation set out in section 2.0 above.
6.0 Data Breaches
I will report any unlawful data breach of this website’s database, or the database(s) of any of my third party data processors, to all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
7.0 Data Controller
The data controller of this website is: Ann-Marie James. Whose office is: Mind Garden Therapy Centre 56 London Street, Reading, RG1 4SQ
8.0 Change log
02/Jul/2024
Updated to Fathom Analytics
01/Sep/2023
Updated Microanalytics’ privacy page link
06/May/2022
Privacy policy instigated