A R Counselling

Privacy Policy

This privacy statement sets out how ARC Counselling Service uses and protects any information which you give. Whether you are a service user, a supporter, a volunteer, or a staff member, it’s important you know as much as possible about how we use your data.  This policy is designed to explain what data I hold and what I do with it, how long I store it for, help you keep control of your data and make informed decisions and show how your data is safeguarded.

Important information about who I am:

ARC Counselling & Psychotherapy Services is run by Amanda Reynolds and I provide support to 21+ adults living in Yorkshire and the surrounding areas who are experiencing emotional and mental health difficulties.

My address is: AR Counselling Allerton Bywater WF10 2FE

I am committed to protecting your personal privacy and ensure that all personal data is held in accordance with the General Data Protection Regulation (GDPR) and Data Protection Act 2018.

I am registered with the Information Commissioner’s Office [Reference number: C1561968].

Compliance is ensured by the Data Controller (myself) Amanda Reynolds, who takes responsibility for Data Protection. I will answer any questions you may have about this privacy notice.  You may contact me at:

  • the ARCS address given above
  • by email: arc.counselling@outlook.com
  • by phone:  07864 720 665

This statement covers data collected via the website, through social media and through general activities.  If my interaction with you is as a client, requiring me to elicit and keep sensitive information, I always seek your further permission to collect and store such details.

The law requires personal data to be;

  1. Processed lawfully, fairly and in a transparent manner
  2. Collected for specific, explicit and legitimate purposes; its purposes are limited
  3. Adequate, relevant and limited to what is necessary for the purposes for which they are processed
  4. Accurate and kept up to date
  5. Kept in a form that permits identification of individuals for no longer than is necessary for the purposes for which the personal data is processed
  6. Processed in a secure manner and,
  7. Where we are the data controller we are accountable and be able to show compliance with the above.

What Data I Collect

I collect the following personal data to provide effective counselling services:
-Your name, preferred contact information (email, phone number, address), gender, and your business details if given.

For people who use ARC services, additional information will include:

-Initial enquiries about my counseling services means I will collect information to help me satisfy your enquiry such as whatever personal details you offer, what kind of therapy you are looking for and issues you need support with.

-Alternatively, your GP or other health professionals may send me your details when making a referral or a parent or trusted individual may give me your details when making an enquiry on your behalf.

-If you decide not to proceed I will ensure all your personal data is deleted within 6 months. If you would like me to delete this information sooner, just let me know.

-Preliminary assessments data from phone or face to face interactions

-Session notes related to counseling sessions and review sessions as required by the BACP.

Special category data is personal information about you that is more sensitive or private. The types of information I may ask for your explicit consent to record includes:

-Health information relevant to our sessions and the assessment

For security reasons I do not retain text messages for more than one month. If there is relevant information contained in a text message I will transfer this under your personal notes. My phone is password protected.

Likewise, any email correspondence will be deleted after six months, if it is not important. If necessary I will attach relevant information to your client notes. My email is provided by ProtonMail, an encrypted password protected web-based provider, which I access through password protected devices.

Why I Collect the Data

I collect this data to:
– Provide counselling services tailored to your needs
– Maintain accurate client records
– Fulfill legal and insurance obligations

How I Store Your Data

Your data is stored securely in the following ways and I ensure that only authorized individuals have access to this information:
– Digital records are stored on encrypted devices with password protection
– Physical records are stored in locked filing cabinets

I am committed to keeping your information secure. To prevent unauthorised access or disclosure, I have put in place suitable physical, electronic and managerial procedures to safeguard and secure information collected online and in person.  Access to records are restricted to a need-to-know basis and security arrangements are regularly reviewed to ensure their continued suitability.

Data Retention Policy

I will retain your data for a period of 3 years after the termination of our counselling relationship, in line with legal and BACP professional requirements. After this period, all data will be securely destroyed.

Your Rights

You have the right to be informed of how your personal information will be used, for how long it will be kept, how you can opt out of further processing, and that you have the right to lodge a complaint with a supervisory authority.

You have the following rights under GDPR regarding your personal data:
– Access: You can request access to your data at any time. This is known as a Subject Access Request.
– Rectification: You have the right to correct any inaccurate or incomplete information.
– Erasure: You can request that your data be deleted, subject to legal obligations to retain certain information.
– Restriction of Processing: You can request that I limit how your data is processed in certain situations.

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with any concerns you may have before you approach the ICO, so please contact us first.

Data Sharing with Third Parties

I will not share your data with third parties unless required by law, or with your explicit consent.

The circumstances where I may have to disclose personal and special category information without your consent may include;

  • If I believe that either you or someone else is at risk of significant harm
  • Where there is another legal reason or requirement to disclose your personal information, such as a court order.
  • If information is shared about involvement in terrorism (as required by the Prevention of Terrorism Act, 2000).
  • If I am unable to work through illness, accident or death, I have a trusted therapist colleague, who has been given permission to access only the basic contact details of current clients. This is the colleague who can inform clients of the current situation.

Data Security Measures

I take appropriate security measures to protect your data, including:
– Using encryption for digital records
– Implementing access controls to limit data access
– Regularly reviewing security practices to ensure data protection

Data Breach Notification

In the event of a data breach that affects your personal information, I will notify you and the Information Commissioner’s Office (ICO) within 72 hours, as required by GDPR.

Contact Information

If you have any questions or concerns about how your data is handled, or wish to exercise your rights under GDPR, please contact me at:
– Email: arc.counselling@outlook.com