top of page

Privacy Policy


Counselling is a safe and confidential space.  However, there are some legal and ethical limitations to confidentiality which I will highlight during the initial appointment.


Any contact information that you provide when contacting me (including details provided on the contact form of this website) are not used for any marketing purposes or provided to any third party for use of marketing purposes.  Your details solely used for administrative and contact purposes such as to make appointments, arrange payments, client registration and any other follow up communication.




I am an approved Data Controller and am governed by GDPR (General Data Protection Regulation).  To comply with General Data Protection Regulation, I am required to tell you what data I hold and how that data is stored.  I am also bound by the British Association for Counselling and Psychotherapy Ethical Framework.  Your data will never be sold to any other individual, company or organisation for any purpose.  I am also required to gain your consent to store certain data about you.


Your Data


I keep client data that you provide (both in your initial contact and during any counselling sessions) to ensure that I can work safely and professionally as outlined in the British Association for Counselling and Psychotherapy Ethical Framework for Counselling Professions.  Your personal information is not stored on my website, other than to momentarily collect and forward to my Outlook email account.  Under GDPR you have the right to know what data I collect, why and for how long I hold it. The data I hold on new and existing clients may include:

  • Your name and address

  • Your phone number(s) and email address

  • An emergency contact name and phone number

  • Your GP name and contact details

  • Relevant medical information and reasons for accessing therapy

  • Session notes

  • Email communications between us for the arrangement, rescheduling or cancellation of appointments

Your rights: 


  • You have the right to be informed on what personal information I hold

  • See the information I hold about you free of charge

  • To rectify any inaccurate or imcomplete personal information

  • To withdraw consent to me using your personal information

  • To request your personal information to be erased (unless this information is required for me to practice lawfully and ethically)


When sensitive information is to be destroyed it will be securely shredded or deleted using secure file deletion software.


If I discover that there has been a breach of your personal data, I will inform you as soon as possible.  In addition to this, I am legally required to inform the ICO (Information Commissioner’s Office) of such breaches.  I keep an electronic backup of contact details on an encrypted USB drive, which is password protected and stored in a locked cabinet.  I store your contact details on a pin-protected smartphone, which are unidentifiable.  Email/SMS correspondence: Email correspondence is stored on my Outlook email account and my laptop is password protected.  SMS correspondence is stored on my smartphone which is pin-protected.  Your personal information is not stored on my website, other than to momentarily collect and forward to my Outlook email account.  


Brief anonymysed notes will be made during sessions on a notepad.  These are then transferred onto a password protected encrypted USB drive and these are stored securely in a locked cabinet.  I am required by BACP and my insurance company to retain session notes and personal data for a minimum of 7 years.  After this time, unless there is a legal reason to retain the notes for a longer period, all session notes and any personal data relating to you will be securely destroyed.

Further enquiries:


If you have any concerns or further questions about how your data might be used or stored, please contact me, Dannii Richards as the Data Controller:

bottom of page