On 25 May 2018, the law changed with regard to how organisations have to protect your ‘data’ (personal details and records) and this is called the General Data Protection Regulation or GDPR.
The following summary highlights how GDPR is being implemented by Inclusion Psychologists Limited, a company which provides psychological services and individuals will be asked to provide personal and sensitive information.
Before engaging with our Services we will seek your consent including your consenting to your to records being kept by Inclusion Psychologists Limited. This will be done through online user consent forms which you have to complete.
Inclusion Psychologists Limited collects and processes the following personal data from individuals as appropriate according to the psychological service being undertaken:
Personal data: Basic contact information including name, address, email, contact number, and online ID. Photo ID may be requested.
The above activities require Inclusion Psychologists Limited to act as a ‘Data Controller’ and be registered with the Information Commissioners Office (ICO). This register is an online public register of Data Controllers and visible for anyone to check. Inclusion Psychologists Limited has a legitimate interest and purpose in using the personal data and sensitive personal information collected to provide psychological services. No information you provide is passed on without your consent except when limited confidentiality applies such as Risk of Harm to the individual or others, or legal duty. Inclusion Psychologists Limited will use the information collected to provide psychological services to you and protects your privacy.
If you do not provide the personal information requested, then Inclusion Psychologists Limited may be unable to provide services. Your personal information may be required to process payment either directly or by a third party as appropriate.
Inclusion Psychologists Limited will only store your personal information for as long as it is required as per current British Psychological Society and Health Care Professions Council guidance. Personal information is minimised in phone and email communication.
Sensitive personal data will be sent to clients using e-mail services which are GDPR compliant. Any sensitive data attached in an email attachment will be password protected unless otherwise requested by yourself. Personal information is also stored on an office computer. These are password protected (entry password and encrypted). Malware and antivirus protection is installed on all computing devices. Confidential digital information may also be stored in a secure cloud service offering high levels of security which is GDPR compliant. Mobile devices are protected with a passcode/thumbprint scanner, mobile security and antivirus software. Written and hard-copy notes are kept in a double-locked secure filing cabinet.
You have a right to access the information Inclusion Psychologists Limited Consulting holds about you by direct request or by a ‘subject access request’ and will usually share this with you within 30 days of receiving a request. Third-party information will be redacted. There may be an administration fee for supplying the information to you. You have a right to get your personal information corrected if it is inaccurate. Inclusion Psychologists Limited reserves the right to refuse a request to delete a client’s personal information where there is a justifiable reason.
You can complain to a regulator. If you think that Inclusion Psychologists Limited has not complied with data protection laws, you have a right to lodge a complaint with the ICO.
In the event of death or incapacity of the Director of Inclusion Psychologists Limited, arrangements have been made for Graham Rogers Associates, longstanding trusted colleague to take over GDPR obligations and professional liaison as appropriate.
This GDPR & Privacy Notice may be printed for information and do ask any questions either directly to Inclusion Psychologists Limited or at https://ico.org.uk