Counselling Psychology Scotland Logo

Privacy Policy

Counselling Psychology Scotland Ltd (referred to as “we”, “us” or “our” in this Privacy Policy), take your privacy very seriously and adopt a high standard of compliance and confidentiality when dealing with your data. Our registered data controller is Dr David R Cunningham (Information Commissioner’s Office, Ref: ZB597861). This notice outlines how we collect, use, and store your personal data via our website and services. It does not extend to any websites or social media platforms that can be accessed from our website.

What Data We Collect and Why

Contact Details

We collect your contact details to:

Respond to queries, arrange appointments, and provide services.

Collect emergency contact and GP details, as we have a duty of care to seek help if you or someone else is at risk of harm.

Your contact details are essential to allow us to complete our contract with you. If you fail to provide necessary data when requested, we may have to cancel a service you have with us, but we will notify you if this is the case. Additionally, we use this information to help detect and prevent fraud.

Payment Details

We do not retain debit/credit card details, including CVV codes. Payment information is processed through Stripe, which we use to complete purchases and issue refunds. This also helps detect and prevent fraud.

Health Data

As health professionals, we are required to keep records of our work together. We only collect and store information that is relevant and necessary for this purpose.

Audit and Evaluation

To monitor the effectiveness of our services, we retain anonymised data regarding therapy outcomes and any feedback you provide.

Browsing Our Website

If you browse our website, we may analyse:

How you use the website, including the pages you interact with.

Log files containing the time and date of your visit, IP address, referrer URL, and browser version. This helps us diagnose issues, manage our system, and analyse visitor trends. We do not usually link IP addresses to personally identifiable information.

Cookies: Our website uses cookies to enhance user experience and track website traffic. You can choose which cookies to accept or disable through your browser settings. Denying cookies may impact certain website functions.

How We Store and Safeguard Your Information

We use several secure cloud-based services to store data, including Splose, Stripe, Xero, NovoPsych, Microsoft Outlook, and Microsoft Teams. For session summaries and sensitive data, we use a GDPR-compliant, secure system (Splose). Some of these services may store data outside the UK or EU, but they adhere to GDPR regulations, including Standard Contractual Clauses (SCCs) for data transfers.

We may share your personal data with:

IT and system administration providers.

Professional advisers (e.g., healthcare professionals, legal professionals, accountants, and insurers).

Regulatory authorities (e.g., HMRC) where required.

Third parties involved in business restructuring, mergers, or transfers of business assets.

We require all third parties to respect the security of your personal data and only process it in accordance with our instructions and the law.

How Long We Keep Your Data

In accordance with British Psychological Society policies, we retain client health records for 7 years following the end of treatment, after which they will be securely destroyed.

Other personal data will only be stored as long as necessary for its intended purpose or until you request deletion. Some data may persist in backups for legal, tax, or regulatory purposes (e.g., HMRC financial records are kept for 7 years).

Your Privacy Rights

You have the right to:

Access and request a copy of your personal data.

Rectify incorrect personal data.

Request erasure of your data if it is no longer needed, processed unlawfully, or based on consent you have withdrawn.

Object to or restrict processing based on legitimate interest.

Request data transfer to another provider if processed under contract or consent.

To exercise your rights, contact us. Most issues can be resolved informally in the first instance. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO). For more details, visit the ICO website.

Changes to This Policy and Keeping Your Data Up to Date

We regularly review our Privacy Policy.

It is important that the personal data we hold about you is accurate. Please inform us of any changes during your relationship with us.

Contact Us

If you have any questions regarding this Privacy Policy, please contact us at:

©Copyright. All rights reserved.

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.

Privacy Settings

Website Translator

Privacy Settings

This tool helps you to select and deactivate various tags / trackers / analytic tools used on this website.

Select all services
Website Translator
More
Save Settings