Privacy Policy

Afterglow Counselling Privacy Policy

Protecting your data is important to me.

________________________________________

1. Introduction

This Privacy Policy explains how Afterglow Counselling collects, uses, stores, and protects your personal data. I am committed to safeguarding your privacy and handling your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy applies to current and former clients, prospective clients, and anyone who contacts me in relation to my counselling services.

________________________________________

2. Data Controller

For the purposes of data protection law, I am the Data Controller.

Practice name: Afterglow Counselling

Email: abby@afterglowcounselling.co.uk

Telephone: 07887 227472

If you have any questions about this policy or how your data is handled, please contact me using the details above.

________________________________________

3. Personal Data I Collect

I may collect and process the following types of personal data:

a) Personal Identification and Contact Information

• Name

• Address

• Email address

• Telephone number

• Emergency contact details

b) Special Category Data (Health Information)

• Information about your mental and emotional health

• Session notes and clinical records

• Information you choose to share during counselling sessions

c) Administrative and Financial Information

• Appointment dates and times

• Payment records and invoices

d) Website and Communications Data (if applicable)

• Emails, messages, or enquiry forms sent to me

• Basic website usage data (if you use an online contact form)

________________________________________

4. Lawful Basis for Processing

Under UK GDPR, I rely on the following lawful bases to process your personal data:

• Consent – for processing special category data related to your health

• Contract – to provide counselling services you have requested

• Legal obligation – to comply with legal, regulatory, or insurance requirements

• Legitimate interests – for practice administration and record keeping (where applicable)

You may withdraw your consent at any time, although this may affect my ability to continue providing counselling services.

________________________________________

5. How I Use Your Information

Your personal data is used to:

• Provide counselling services

• Maintain accurate clinical and administrative records

• Arrange, manage, and confirm appointments

• Communicate with you regarding your therapy

• Process payments

• Comply with legal, ethical, and insurance obligations

I do not use your data for marketing purposes without your explicit consent.

________________________________________

6. Confidentiality and Safeguarding

All counselling sessions are confidential. However, confidentiality may be broken in limited circumstances, including:

• Where there is a serious risk of harm to you or others

• Where disclosure is required by law

• Where required by professional or ethical obligations

Where possible, I will aim to discuss any necessary disclosure with you before it occurs.

________________________________________

7. Data Storage and Security

I take appropriate technical and organisational measures to protect your personal data, including:

• Secure password-protected electronic records

• Encrypted devices where possible

• Locked storage for any paper records

• Access limited to me as the sole practitioner

I store your data only for as long as necessary and in line with professional and legal requirements.

________________________________________

8. How Long I Keep Your Data

Client records are retained for 7 years after the end of therapy, in line with professional guidance and insurance requirements. After this period, records are securely deleted or destroyed.

Enquiry data from individuals who do not become clients is deleted immediately and no longer retained. 

________________________________________

9. Sharing Your Data

I do not share your personal data with third parties except in the following circumstances:

• With your explicit consent

• Where required by law

• With my professional supervisor (data is anonymised where possible)

• With professional advisors (e.g. accountant or insurer) where necessary

I will never sell your data or share it for marketing purposes.

________________________________________

10. Your Data Protection Rights

Under UK GDPR, you have the right to:

• Access your personal data

• Request correction of inaccurate data

• Request erasure of your data (where applicable)

• Restrict or object to processing

• Request data portability

• Withdraw consent at any time

• Lodge a complaint with the Information Commissioner’s Office (ICO)

More information about your rights is available at: https://ico.org.uk

________________________________________

11. Complaints

If you have concerns about how your personal data is handled, please contact me first so I can try to resolve the issue.

You also have the right to complain to the Information Commissioner’s Office (ICO):

Information Commissioner’s Office (ICO)

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Telephone: 0303 123 1113

________________________________________

12. Changes to This Privacy Policy

This Privacy Policy may be updated from time to time. The most recent version will always be available upon request or on my website (if applicable).

________________________________________

Last updated: [17.11.25]