Wellspring Counselling and Therapy is committed to complying with the terms of the General Data Protection Regulation (GDPR) and to the responsible and secure use of your personal data. Wellspring has a legitimate interest in processing personal data in order to provide counselling services. The purpose of this statement is to let you know what personal information Wellspring Therapy and Training collects and holds, why we collect this data, how long it is kept and your rights over your personal data. Wellspring Therapy and Training is registered with the Information Commissioner’s Office (ICO) reference ZA253800.
Information we collect about you
a) We collect personal information about you when you enquire about our counselling services in order to place you on our waiting list and/or set up an initial appointment. This information includes contact details, your availability and other relevant personal information. Once a client finishes counselling, all data regarding their counselling is stored securely for up to 7 years and then destroyed. The legal basis justifying our collection of your data is your consent. You may withdraw your consent at any time.
b) When you enquire about courses, workshops, talks, fundraising events, room hire or volunteering at Wellspring we ask for contact details and relevant personal information from you that is needed to answer your enquiries and to keep you informed about upcoming events that may be of interest to you. This data is stored securely for as long as you agree to be kept informed of Wellspring’s activities.
Our use of this information
Your personal information will only be used to provide you with our services and to give you information relating to our services. We will not share your personal details with any other person or organisation without your knowledge and permission, unless there is a legal requirement, if there is a child or adult safeguarding issue, or a perceived risk of harm. A breach of confidentiality is when a person shares information with another in circumstances where it is reasonable to expect that the information will be kept confidential.
a) We will take all reasonable precautions to prevent the loss, misuse or alteration of information you give us.
b) Communications in connection with this service may be sent by e-mail. For ease of use and compatibility, communications will not normally be sent in encrypted form. E-mail, unless encrypted, is not a fully secure means of communication. Whilst we endeavour to keep our systems and communications protected against viruses and other harmful effects, we cannot bear responsibility for all communications being virus free.
Your rights over your personal data
If you would like to see the information we hold about you, or would like to correct, update or delete any records, please email us at firstname.lastname@example.org. If you have any concerns about our use of your data please contact our DPO, the Operations Manager directly at email@example.com . We will do our utmost to resolve any concerns you have, but if these are not resolved to your satisfaction you may choose to contact the ICO.