Elevated Mind Therapies

Introduction Your privacy is very important to me, and you can be confident that your personal information will be kept safe and secure and will only be used for the purpose for which it was provided. I adhere to current data protection legislation, including the General Data Protection Regulation (EU/2016/679) (GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications (EC Directive) Regulations 2003.

This privacy notice outlines how I handle your personal information, from initial contact through to after your therapy has ended, including:

  • Why I process your information and for what purpose
  • Whether you are required to provide it
  • How long I store it
  • Whether your personal information is shared with others
  • Whether I transfer it to another country
  • Your data protection rights
  • Whether automated decision-making or profiling is involved

I am happy to discuss any questions you may have about this policy. You can contact me via the details below.

The term ‘Data Controller’ refers to the person or organisation that collects, stores, and has responsibility for personal data. In this case, I am the data controller.

I am registered with the Information Commissioner’s Office (ICO) under Reference Number: C1590654.

Contact Information:

  • Business Name: Elevated Mind Therapies
  • Postal Address: 360 Edge Lane, Fairfield, Liverpool, L7 9NJ
  • Phone Number: 07539 504 135
  • Email Address: Info@elevatedmindtherapies.co.uk

My Lawful Basis for Holding and Using Your Personal Information

Under GDPR, I must have a lawful basis for processing personal data. The lawful basis depends on the stage at which I am processing your data:

  • For current therapy clients or those inquiring about therapy: I process your personal data as necessary for the performance of our contract.
  • For past clients: I retain personal information under the basis of legitimate interest, in case I need to reference therapy records in the future.

Special Category Data: GDPR requires additional protection for sensitive information such as health data. My lawful basis for processing special category data is explicit consent. After therapy ends, I retain counselling records to protect against potential legal claims.

How I Use Your Information

Initial Contact

When you contact me about my therapy services, I collect information necessary to address your inquiry. This includes:

  • Your name
  • Date of birth
  • Contact details
  • Initial referral information (if applicable)

If you decide not to proceed with therapy, I will delete your personal data within 48 hours of your decision. If you wish for your data to be deleted sooner, please let me know.

During Therapy

Everything you discuss with me is confidential. However, confidentiality may be broken if:

  • There is a risk of harm to yourself or others
  • There are concerns regarding money laundering, terrorism, drug, or human trafficking
  • There are safeguarding issues

I will always attempt to discuss this with you first unless circumstances prevent me from doing so.

I keep personal details securely stored using encryption and two-factor authentication. Therapy session notes are:

  • Anonymised
  • Stored in a locked cabinet (for written notes)
  • Electronically stored with encryption and password protection

For security reasons:

  • Text messages are not retained for more than 30 days unless relevant information is transferred to session notes.
  • Emails are deleted after 90 days, unless important, in which case the information is added to session notes.

After Therapy Ends

Your records will be securely retained for 7 years following our last contact and then securely destroyed. If you wish for your information to be deleted earlier, please let me know.

Third-Party Recipients of Personal Data

I occasionally share data with third-party service providers, ensuring they only process information for the specified task. The third parties I currently work with include:

  • Microsoft 365 (for cloud storage and email services)

All third parties are required to comply with data protection regulations and contractual agreements.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right to access: Request a copy of the data I hold about you.
  • Right to rectification: Request corrections to inaccurate or incomplete data.
  • Right to erasure: Request deletion of your personal data under certain circumstances.
  • Right to restrict processing: Ask me to limit how I use your data.
  • Right to data portability: Receive your data in a structured format for transfer.
  • Right to object: Object to my processing of your data.

To make a request, please contact me in writing at Info@elevatedmindtherapies.co.uk.

If you have concerns about my handling of your personal data, you can also make a complaint to the ICO:

Data Security

I take the security of your data seriously. Measures include:

  • Encryption
  • Two-factor authentication
  • Secure locked storage for paper records

Visitors to My Website

When visiting my website, IONOS collects anonymous visitor data for statistical purposes. This includes:

  • Website traffic analysis
  • Visitor behaviour tracking

No user-specific data is collected. I do not allow IONOS to attempt to identify website visitors.

I use WordPress as my website’s content management system. You can find their privacy policy here: WordPress Privacy Policy.

Like most websites, I use cookies to improve user experience. You can read my full cookie policy here: www.elevatedmindtherapies.co.uk/cookies.

If you fill out a form on my website, the data is temporarily stored before being sent to me securely.

Changes to This Policy

I may update this Privacy Policy from time to time. Any significant changes will be communicated via my website or directly to clients.

By continuing to use my services, you acknowledge and accept this Privacy Policy.