Privacy Policy

Who We Are

Psychotherapy Services Ltd. is the data controller responsible for your personal data under the UK General Data Protection Regulation (UK GDPR). We are registered with the Information Commissioner’s Office (ICO) under registration number ZA283221.

We are committed to handling your information responsibly, lawfully, and in accordance with our professional and legal obligations. This policy explains when and why we collect personal information, how we use it, the conditions under which we may disclose it, and how we keep it secure. It applies to all users of our website, clients accessing therapy services, and anyone who interacts with us.

How We Collect Information About You

We collect personal data directly from you when you:

  • Enquire about or engage in therapy with us
  • Subscribe to our email updates or newsletters
  • Apply for a job or volunteering opportunity
  • Make a donation or participate in fundraising
  • Use our website (via cookies and similar technologies)

We collect this information lawfully, transparently, and only where necessary to provide our services or respond to your contact.

What Personal Information We Collect

Depending on your interaction with us, we may collect:

  • Full name, postal address, email address, and telephone number
  • Date of birth and emergency contact details
  • Payment and invoicing information
  • Special category data (e.g. mental health or health-related information)
  • Website usage data via cookies (see Cookies and Tracking Technologies section)

We only collect the minimum information needed to deliver safe, ethical, and effective services.

Legal Bases for Processing Your Data

Under UK GDPR, we must have a lawful basis for processing your data. These may include:

  • Consent – e.g. to receive newsletters or share sensitive information in therapy
  • Contract – e.g. to provide therapy services you have requested
  • Legal obligation – e.g. for safeguarding, tax, or record-keeping purposes
  • Vital interests – e.g. where processing is required to protect life or serious harm
  • Legitimate interests – e.g. to improve services or respond to enquiries

When processing special category data (such as mental health information), we rely on:

  • Article 9(2)(a) – your explicit consent
  • Article 9(2)(h) – necessary for the provision of health or social care

Children’s Data

We take extra care to protect the privacy of children and young people who access our services.

  • Parental or guardian consent is required before collecting data from children under 13
  • For those aged 13–17, we assess whether they can provide informed consent
  • Where capacity is limited, we will obtain consent from a parent or legal guardian
  • Only necessary information is collected to support therapy or safeguarding
  • Children’s data is handled securely and in line with legal, clinical, and ethical standards
  • Records may be retained beyond the standard period where safeguarding obligations apply

If you have any questions about how we handle data relating to children or young people, please contact us

How We Use Your Information

We use your personal data to:

  • Provide therapy or services you request
  • Respond to enquiries and manage appointments
  • Process donations or manage fundraising
  • Administer recruitment or volunteering
  • Comply with legal or professional obligations
  • Improve service quality and monitor usage trends
  • Maintain clinical records in accordance with best practice

Sharing Your Information

We do not sell or rent your personal data to any third parties.

We may share information with:

  • Trusted third-party providers, including:
    • WriteUpp (clinical record system)
    • QuickBooks (financial administration and invoicing)
  • Referring or funding organisations, where required and with your consent
  • Regulatory authorities or legal bodies, if legally required to do so

Any data sharing is done securely and in accordance with data protection legislation. Data Processing Agreements are in place where appropriate.

International Data Transfers

Your data is stored in the UK or the European Economic Area (EEA). If it is transferred outside these regions (e.g. by third-party systems), we ensure adequate safeguards are in place.

Your Data Protection Rights

Under UK GDPR, you have the following rights:

  • Right to be informed – about how your data is used
  • Right of access – to see the data we hold about you
  • Right to rectification – to correct inaccurate data
  • Right to erasure – to request deletion (within legal limits)
  • Right to restrict processing – under certain conditions
  • Right to data portability – to transfer your data
  • Right to object – to certain types of processing
  • Rights related to automated decision-making – which we do not use

To exercise any of these rights, contact us using the details below.

Data Retention

Clinical records are retained for a minimum of 7 years after the end of therapy, in line with professional and legal standards (or until the client’s 26th birthday if under 18 at time of last contact).

Other types of personal data (e.g. enquiries, mailing lists, job applications) are kept no longer than necessary—typically 12–24 months—unless you request earlier deletion or a longer retention is legally required.

Cookies and Tracking Technologies

Our website uses essential cookies for functionality and, where consent is given, may use additional cookies (e.g. Google Analytics) to monitor performance and improve your experience.

You can manage cookie preferences via our cookie banner, and the cookie policy can be found here: Cookie Policy (UK)

How We Protect Your Information

We use appropriate technical and organisational measures to safeguard your personal data. These include:

  • Encrypted data storage and secure servers
  • Access restrictions and authentication controls
  • Use of GDPR-compliant third-party systems
  • Staff training in data protection and confidentiality

We review our security measures regularly to ensure your information remains protected.

Contacting Us

If you have any questions about this Privacy Policy or your personal data, please contact:

Daniel Gaunt; Director, Psychotherapy Services Ltd.
Email: [email protected]
Phone: 07932 308120

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
Visit: https://ico.org.uk
Call: 0303 123 1113