Lea Psychology Privacy Policy Notice

The policy: This privacy policy notice is served by Lea Psychology under the website; http://leapsychology.co.uk. Our data controller is Dr. Eloise Lea (eloise@leapsychology.co.uk). The purpose of this policy is to explain to you how we control, process, handle and protect your personal information through the business and whilst you browse or use this website. If you do not agree to the following policy you may wish to cease viewing / using this website, and / or refrain from submitting your personal data to us.

Policy key definitions:

  • “I”, “our”, “us”, or “we” refer to the business, Lea Psychology.
  • “you”, “the user” refer to the person(s) using this website.
  • GDPR means General Data Protection Regulation.
  • ICO means Information Commissioner’s Office. https://ico.org.uk
  • Cookies mean small files stored on a user’s computer or device.

Key principles of GDPR:

The General Data Protection Regulation (GDPR) provides a set of standardised data protection laws across all EU member countries. Lea Psychology complies with these laws as described in this notice. Our policy applies to all web site interaction and communication between Lea Psychology and each client.

Our privacy policy embodies the following key principles; (a) Lawfulness, fairness and transparency, (b) Purpose limitation, (c) Data minimisation, (d) Accuracy, (e) Storage limitation, (f) Integrity and confidence, (g) Accountability.

What information do we collect?

We may collect and process some or all the following personal data:

  • Basic contact information: name, address, email, contact telephone number and GP details.
  • Any information provided via our contact forms or in emails directly sent to us.
  • Any referral information passed to us by third parties such as health insurance providers or other clinical or medical practitioners.
  • Any sensitive personal data such as client agreement forms, therapy records, notes, letters and reports.

How do we use personal information?

Confidentiality and personal privacy are taken very seriously at Lea Psychology. We only use any personal information shared with us to provide the services you have requested. If any further information we deem necessary to perform our services to you is withheld, then we may be unable to provide the service you require.

What legal basis do we have for processing your personal data?

We have a legitimate interest in using the personal data we collect to provide the agreed health service(s) you request. You have the option to withdraw your consent for us to hold this data on the understanding that we may be unable to continue providing treatment.

When do we share personal data?

Your personal data will never be shared with third parties for marketing purposes. Indeed, under normal circumstances your personal data will NOT be shared with anyone else. If there is a need to liaise with other parties or relevant authorities however, there may be exceptions to this:

  • Legal institutions may require personal information which would be shared with your written consent when therapy has been directed by a solicitor.
  • Health insurance providers funding any therapy would need to be advised of fees and may request treatment progress updates.
  • Your own GP may receive information on a need-to-know basis.
  • When disclosure is in the public interest, to prevent a miscarriage of justice or where there is a legal duty on our behalf.
  • If any information held would risk harming either the client or another person.

Where do we store and secure personal data?

Personal data may be stored on our web server, mail server, office computer and mobile phone. Computers and mobile phones used by Lea Psychology are password/fingerprint protected and operate with security software in place. The web and mail servers are hosted by third parties who have certified themselves GDPR compliant and have equivalent policies in place to support this. They have their own security systems installed including encryption, password protection, antivirus and malware protection software.

How long do we keep your personal data for?

We only keep your personal data for as long as it is required to offer our services. It will be deleted within 6 months once therapy has ended.

Any sensitive personal data such as client agreement forms, therapy records, notes, letters and reports are stored for 7 years after therapy. After this period, they are deleted.

Use of cookies

We use cookies on this website to provide you with a better user experience. We do this by placing a small text file on your device / computer hard drive to track how you use the website, to record or log whether you have seen messages that we display and to keep you logged into the website where applicable. You will have the opportunity to Accept or Deny these cookies to be placed on your device when you first access the website. Your web browser should also provide you with the facility to manage and delete cookies from your device.

Your rights in relation to personal data

Under the GDPR, we respect your right to:

  • Access your personal information (an admin fee may be payable)
  • Correct or delete your information held if it is incorrect
  • Withdraw your consent to hold your data
  • Lodge a complaint with the ICO

However, we are required to retain therapy records for a period of 7 years after therapy ends, as described above, in accordance with guidelines and requirements for record keeping by The British Psychological Society and the Health and Care Professionals Council.

How to contact us

If you have any questions or concerns about our privacy practices, your personal information or if you wish to file a complaint, please contact eloise@leapsychology.co.uk or use the contact form on this site. Alternatively, please write to us at our postal address.