Privacy Notice
Working with you to keep your data secure
Mindspace Therapy-Studio (MTS) takes the protection of your personal data seriously. We are committed to ensuring that we are compliant with all regulations and take measures to ensure your privacy and confidentiality. This policy, in combination with our terms and conditions, which sets out how we handle your personal information if you’re a MTS client or visitor to our website, in accordance with the General Data Protection Regulations (GDPR), effective from 25th May 2018.
These regulations aim to increase the accountability of organisations who handle personal data. Individuals are granted specific rights regarding their personal information, and how it is collected, stored, used, shared and protected. You can read more about the GDPR requirements on the Information Commissioner’s Office website.
If you do not understand any part of the policy, or have any questions regarding your personal data, then please do not hesitate to contact us.
Definitions
We, us or Mindspace Therapy-Studio – this business and the people directly involved in running it.
Policy – this Privacy Policy.
Our website or site – this website
Client – any person or company who uses our services.
Visitors – any person who visits our website or social media profiles
Our services – therapy, counselling, assessment & consultation
The type of personal information we collect
Names, email addresses and telephone numbers when someone requests an initial consultation or becomes a client (usually via our website or in person/by phone).
Details of the business/organisation and the proposed service for the preparation of a quotation (usually via email or by post).
General queries via a general contact form on our website.
How we collect personal information
We collect personal information directly when you provide it to us – as described above- or automatically as you navigate through the website
Why we collect your personal information
Your personal information is collected for the following reasons:
To fulfil our contractual obligations to our clients and to carry out our services.
To create and send invoices for completed work or provision of services to our clients.
To verify identity and prevent unauthorised access to websites or services.
To monitor visitor traffic to our site and secure our site against malicious human and automated visitors
We also need to collect personal information where this is necessary for purposes which are in our legitimate interests such as operating and protecting our website as well as providing clients with services described in our website.
The use of collecting personal information also aids in carrying out technical analysis to determine how to improve our website and the services we provide or resolve any technical problems and to identify potential fraudulent activity and prevent spam and ‘hacking’.
Other reasons why we collect your personal information includes ensuring compliance with our website Terms of Use and being able to communicate effectively with clients via our website.
Your personal data is also obtained to help manage our legal and operational affairs (including, managing risks relating to content and fraud matters); improving our products and services; Providing general administrative and performance functions and activities.
Providing clients with important information about changes to products and services.
We may also be required by law to collect personal information when responding to requests by government, a court of law, or law enforcement authorities conducting an investigation.
When we disclose your personal information
We do not usually need to disclose your personal information to any third party in order to deliver our services, however there are certain situations in which we may need to disclose your personal information. These include:
To regulators and government authorities in connection with our compliance procedures and obligations.
To a purchaser or prospective purchaser of all or part of our assets or our business, and their professional advisers, in connection with the purchase.
A third party to respond to requests relating to a criminal investigation or alleged or suspected illegal activity or to enforce or defend our rights, or to address financial or reputational risks.
A rights holder in relation to an allegation of intellectual property infringement or any other infringement.
Other recipients where we are authorised or required by law to do so.
You will always be informed if we are required to disclose your personal information at any time.
Where we transfer and/or store your personal information
We are based in the United Kingdom, and your data is processed and stored in a single location (a private office) in the United Kingdom.
How we keep your personal information secure
We do our best to keep all information secure, especially any personal data. Most of our data is kept in paper form. All digital personal information (including names, addresses, telephone numbers and email addresses) is stored on a protected local computer network, to which only people engaged in activities directly relating to the business have access.
We are required by our governing bodies e.g. BABCP to keep any hard copies of notes or clinical information and not to destroy it, where in such cases i.e. after the client is discharged we would archive the information for a period of 7 years.
This website is powered by WebHealer and Cookies are set on the site. To decline them or find out more visit their cookie page https://www.webhealer.net/cookies.
Enquiries submitted through the contact form on this website are sent directly to us by email and deleted from the web host (Webhealer) systems once delivered. No data is passed on to third parties. Your information is used solely for the purpose of correspondence between you the sender and MTS.
Although best efforts will be made to protect your information the security of your data transmitted via email cannot be guaranteed. Any transmission is at your own risk. Once your information has been received, all reasonable steps will be taken to prevent unauthorised access.
How you can access your personal information
Under the GDPR guidelines, you have the right to request access to the personal data we hold about you and/or request erasure of the personal data we hold about you. You can ask us to correct any personal information that we hold about you and restrict or object to processing of your personal data. You are entitled to withdraw consent to us using your personal information at any time.
When we need to update this policy
We will need to change this policy from time to time in order to ensure it stays up to date with the latest legal requirements and any changes to our privacy management practices.
Reporting Concerns
If you have unresolved concerns you also have the right to complain to data protection authorities. In the UK, the relevant authority is the Information Commissioner’s Office (ICO).
The ICO can be contacted at:
ICO website: https://ico.org.uk/global/contact-us/
ICO telephone: 0303 123 1113
ICO textphone: 01625 545860