GDPR Policy 

Artemis Counselling Group GDPR Privacy Policy

As a counsellor, I take the privacy and confidentiality of your personal data seriously. This policy explains how I collect, use, and protect your personal information in compliance with the General Data Protection Regulation (GDPR).

1. Who Am I?

I, Victoria Arthur, provide counselling services under the business name Artemis counselling group As a data controller, I am responsible for the collection, storage, and processing of your personal data and therefore I am registered with the ICO.

2. What Personal Data Do I Collect?

The personal data I may collect includes, but is not limited to:

  • Personal identification information: Name, contact details (phone, email), date of birth.

  • Health data: Mental health history, therapy records, and other sensitive data relevant to your counselling sessions.

  • Payment information: Records related to billing and payments for services.

3. Why I Collect Your Data

Your data is collected for the following purposes:

  • To provide you with appropriate counselling services.

  • To manage and maintain accurate client records.

  • To process payments for services provided.

  • To comply with legal obligations and insurance requirements.

  • To follow up with clients, if necessary, regarding appointments or therapy-related matters.

4. How I Use Your Data

I will use your personal data only for the purposes outlined above, and I will never use it for any other purpose without your explicit consent. The data will be stored securely and used in compliance with the GDPR principles.

5. How Long Do I Keep Your Data?

I will keep your personal data and client records for 5 years from the last date of your counselling session, in accordance with the requirements of my insurance policy and professional practice. After 5 years, your data will be securely deleted or destroyed.

6. How I Protect Your Data

Your personal data is kept secure through:

  • Digital security: Encrypted digital records, password protection, and secure file storage.

  • Physical security: Confidential client records are stored in a locked, secure location.

  • Access control: Only authorized personnel (myself and any designated assistant) will have access to your data.

7. Your Rights

Under the GDPR, you have the following rights concerning your personal data:

  • Right to access: You have the right to request a copy of the personal data I hold about you.

  • Right to rectification: If your personal data is inaccurate or incomplete, you can request it be corrected.

  • Right to erasure: You can request that your personal data be deleted under certain conditions, such as when it is no longer needed for the purposes it was collected.

  • Right to restrict processing: You can request that I limit how your data is used.

  • Right to data portability: You can request that your data be provided to you in a structured, commonly used, and machine-readable format.

If you wish to exercise any of these rights, please contact me

8. Third-Party Data Sharing

I do not share your personal data with third parties unless required by law, for legal obligations (such as insurance claims), or with your explicit consent (e.g., if I refer you to another professional). I will not sell or use your data for marketing purposes.

9. Data Breaches

In the unlikely event of a data breach that may risk your privacy, I will notify you within 72 hours as required by GDPR.

10. Changes to This Policy

This privacy policy may be updated from time to time. Any changes will be communicated to you, and the revised policy will be available upon request.