Skip to main content

© Calm The Waves. All rights reserved. Designed by Joe Joubert.

Get in Touch

Privacy Notice

Introduction

Your privacy is very important, and you can be confident that your personal information will be kept safe and secure and will only be used for the purpose it was given.

Calm the Waves Counselling & Training adheres to current data protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This Privacy Notice explains what happens to your personal information from the point of first contact through to after counselling has ended, including:

  • Why we process your information
  • The lawful basis for processing your information
  • Whether you are required to provide information
  • How long information is stored
  • Whether information is shared with third parties
  • Whether information is transferred outside the UK
  • Whether automated decision-making or profiling takes place
  • Your data protection rights

Data Controller

The Data Controller is:

Karen Ludkin
ICO Registration: ZB565592
Telephone: 07359 204375
Email: karen@calmthewaves.co.uk

If you have any questions about this Privacy Notice or how your personal information is used, please contact Karen using the details above.

Lawful Basis for Processing Personal Information

The UK GDPR requires a lawful basis for processing personal data.

If you have completed therapy with Calm the Waves Counselling & Training, your personal information is retained under the lawful basis of Legitimate Interests.

If you are currently receiving therapy, or are making enquiries about therapy, your personal information is processed where necessary for the performance of a contract.

Some information disclosed during counselling may be considered Special Category Data. The lawful basis for processing this information is Article 9(2)(h) UK GDPR, which permits processing necessary for the provision of health, social care or treatment services.

How Your Information Is Used

Initial Contact

When you contact Calm the Waves Counselling & Training, information may be collected to help respond to your enquiry. This may include:

  • Name
  • Telephone number
  • Email address
  • Brief details regarding your enquiry

Referrals may also be received from a GP, healthcare professional, parent, carer, or trusted individual acting on your behalf.

If you decide not to proceed with therapy, your personal information will normally be deleted within three months unless there is a legal, safeguarding, insurance, or professional requirement to retain it.

Waiting List

If you choose to join a waiting list, your details will be retained until an appointment becomes available.

If you decide not to proceed, your information will normally be deleted three months after notifying Calm the Waves Counselling & Training.

If therapy begins, information gathered during this period becomes part of your therapeutic record.

While You Are Accessing Counselling

Everything discussed in counselling is confidential.

Confidentiality may be broken where:

  • There is a serious risk of harm to yourself or others
  • Safeguarding concerns arise
  • Disclosure is required by law or court order
  • There is an overriding public interest

Where possible, this will be discussed with you first unless safeguarding concerns prevent this.

Personal details are stored securely in client records and are not routinely shared with third parties.

Written session notes are anonymised and stored securely, either digitally using password-protected systems or in locked paper files.

Text messages are not retained beyond the end of the counselling contract unless they contain information relevant to your client record.

Relevant email correspondence may also be retained within your client file where appropriate.

Clinical Supervision

In accordance with the BACP Ethical Framework, regular clinical supervision is undertaken.

Client information discussed during supervision is anonymised wherever possible and remains confidential.

After Counselling Has Ended

Adult client records are retained for seven years from the date of last contact and are then securely destroyed.

Records relating to children and young people are retained until seven years after the client reaches the age of 18.

Requests for deletion will be considered in accordance with UK data protection legislation and any professional, safeguarding, insurance, or legal obligations.

Third Party Recipients of Personal Data

Personal information may occasionally be disclosed where required by law or where there is an overriding public interest.

Examples may include:

  • Police
  • Courts
  • Social Services
  • Other statutory authorities

Disclosures are only made where necessary to prevent serious harm, comply with legal requirements, or protect the welfare of individuals.

Your Rights

You have the right to:

  • Access your personal information
  • Request correction of inaccurate information
  • Request deletion of personal information
  • Restrict or object to processing in certain circumstances
  • Request a copy of information held about you

Further information about your rights can be found at:

https://ico.org.uk/your-data-matters

Requests relating to your personal information can be made by contacting:

Karen Ludkin
Email: karen@calmthewaves.co.uk

Complaints

If you have concerns regarding how your personal information has been collected, stored, used, or shared, please contact Karen Ludkin at:

karen@calmthewaves.co.uk

Complaints will be acknowledged within 30 days and investigated fairly and impartially.

If you remain dissatisfied, you may contact the Information Commissioner’s Office (ICO).

Data Security

The security of your personal information is taken seriously.

  • Computers are password protected
  • Paper files are stored securely in locked cabinets
  • Appropriate measures are used to protect confidential information

Third Party Service Providers

To support the delivery of counselling services, secure third-party providers may be used, including but not limited to:

  • Power Diary
  • ProtonMail
  • Zoom
  • Microsoft Teams
  • Google Workspace
  • Microsoft 365

These providers process information on behalf of Calm the Waves Counselling & Training and are selected with consideration for security and privacy standards.

Some providers may process information outside the United Kingdom. Where this occurs, appropriate safeguards are used in accordance with UK data protection legislation.

Automated Decision Making

No automated decision-making or profiling is carried out using your personal information.