Clients come to us for coaching, therapy, consultation and training. The information you provide is kept in the strictest confidence for the fulfilment of our services. We treat your data with both respect and responsibility.
PURPOSE
Details we hold on you are kept for the purpose of providing a high level of coaching and/or therapy, consultancy and/or training and will be retained for the following reasons:
- The proper fulfilment of the work.
- Should we need to contact you between sessions for any reason, for example, rearranging a session.
- In case you have a question so that the appropriate answer suitable to your situation is given.
- Should you wish to return for follow-up or additional work. This is so that a case history does not need to be taken again and so that techniques used can be built on and for the sake of continuity and efficacy.
- To support any insurance claim.
- For any other reason required by law.
Information is obtained via telephone, email, online forms and prior to, during and following sessions.
We process information relevant for the above purposes which may include personal details, family, lifestyle, work and social circumstances as well as details relating to physical and mental health.
Some of our clients undertake a psychometric profile which is conducted for the purpose of personal development and insights. We use four different organisations to conduct these electronically, where the data is held according to their own privacy policy:
Psytech
http://www.psytech.com/About/GDPRStatement
Belbin
http://www.belbin.com/about/terms-and-conditions
Talent Dynamics
http://talent-dynamics.com
If you have had a food intolerance test or health assessment, your data will be securely stored within the Asyra system where your name, date of birth and the report details are secured and a copy is held locally on the laptop which is password protected.
You only give information which you are willing to give. However, it is important to note that if you are unwilling to give certain types of information, it may limit our ability to provide the right kind of service to you and may mean that we cannot retain you as a client as this could seriously impact our ability to fulfil our obligations to you in a professional manner.
RETENTION OF INFORMATION
No time limits are prescribed by law on the amount of time your data is retained, but our practice is to maintain files as long as space allows, and for a minimum of seven years, in order that the information exists should you wish to return or if there is some other reason required by law.
If you have contacted us with an enquiry, we will retain your details for three months so that you don’t have to repeat the information passed on should you decide to start coaching/treatment. This is because it often takes time for someone to decide to undertake coaching and/or treatment from their initial enquiry. Retaining this information saves time during your first session and ensures we are as prepared as possible for your session.
Should you make a subject access request, this must be requested in writing to admin@triciawoolfrey.com. We shall respond within 20 working days. You may ask for your information to be updated or corrected to ensure accuracy.
Should a request for details to be forgotten be made, this will happen once the minimum 7 year period is complete, in order that any legal obligations may be able to be fulfilled.
DISCLOSURE OF INFORMATION
Your details has restricted access to authorised personnel only and will not be disclosed to any third party save for the following instances:
- Where you are being coached by an associate in order that the associate can properly fulfil their obligations to you
- Where supervision is required to fulfil our obligations to you (it is recommended that professional coaches and therapists have supervision). No identifying factors will be revealed
- Where we collaborate with an agreed specialist third party to provide additional support and only with your willing consent
- To help others, for example as a case study, with no identifying factors revealed, which can help them see how change was possible for someone who had a similar problem
- If we feel your life is in danger, we may contact the relevant authority
- Any occasion where it is required by law, such as a court order
It is not anticipated that your data will be vulnerable to third parties such as accountants, administrators and technical support but these parties will nevertheless work under a confidentiality agreement.
If you are opted in, you will receive newsletters containing information such as articles on personal development, tips and news. You are at liberty to unsubscribe at any time. The newsletter platform we use is Mailchimp. They retain a law firm in the UK to consult on EU privacy issues and their privacy policy is monitored by TRUSTe and they have certified their compliance with the EU, US, Swiss, US Privacy Shield Frameworks.
Brief details (name, contact details and a broad indication of what you came for) are also kept on GSuite for the purpose of access to contact details and sufficient identifying factors to enable meaningful conversation should in between session communications be required.
Any credit card details provided (in accordance with our terms) are locked away and kept until treatment ends.
Information is also retained for the purposes of maintaining our accounts and records.
Data is removed via electronic deletion (not archiving) or manual shredding, whichever is appropriate for the data at hand.
SECURITY MEASURES
Files are locked securely away in a filing cabinet with the key stored separately and securely. Where electronically kept, they are password protected and encrypted to safeguard your privacy. Electronic access to files is only shared with individuals who have received training and have signed a confidentiality agreement.
Our records are backed up regularly and all the data is held within the sites. Data is stored in secure password protected databases which is not visible publicly. Websites are hosted on password protected hosting services with multiple layers of security. Hosting services are located in Coleraine, Northern Ireland and the United States. Currently, the US data processors have not signed up to EU-US Privacy Shield Framework.
COOKIES
We use first party and third party cookies (small text files ) on our sites (A-HEAD for Success and Your Empowered Self). First party cookies are those placed directly by us and are used only by us. Third party cookies are those placed by Data Processors for the purposes of tracking activities on these websites. We use cookies to facilitate and improve your experience of our sites and to provide and improve our services. We have carefully chosen these cookies and have taken steps to ensure that your privacy and personal data is protected and respected at all times. All cookies used by and on our sites are used in accordance with current cookie law.
Before cookies are placed on your computer, you will be shown a cookie notification message requesting your consent to set those cookies. By giving your consent to the placing of cookies you are enabling us to provide the best possible experience and service to you. You may, if you wish, deny consent to the placing of cookies; however, certain features of our sites may not function fully or as intended.
You may still block these cookies by changing your internet browser’s settings. For more information, please consult the help menu in your internet browser or the documentation that came with your device.
You can choose to delete cookies on your computer or device at any time.
GOOGLE ANALYTICS
Our sites use analytics services provided by Google Inc. Website analytics refers to a set of tools used to collect and analyse anonymous usage information, enabling us to better understand how our sites are used. This, in turn, enables us to improve our sites and the services offered through them. You do not have to allow us to use these cookies. Whilst our use of them does not pose any risk to your privacy or your safe use of our sites, it does enable us to continually improve our sites, making them a better and more useful experience for you.
PROCEDURES IN EVENT OF BREACH
We do our utmost to safeguard your data. However, should there be a security breach caused by theft, hacking, loss or other breach, the ICO will be informed immediately and appropriate steps will be taken.
COMPLAINTS
If there is any complaint about your data use, contact us via email at report@triciawoolfrey.com and we will do our utmost to resolve the situation. If your complaint is not resolved to your satisfaction, you can approach the Information Commissioner’s Office (ICO) on 01625 545745.