Privacy Policy
Dr Gözde Arslan, Blue Orchid Counselling and Consultancy Ltd offers counselling psychological services and consultancy. This privacy policy explains how I use any personal information I collect about you, as a past, present, future service user (client or patient) or when you use our website, in compliance with the General Data Protection Regulation (GDPR).
​
​Please contact Dr Gözde Arslan on info@blueorchidcounselling.com with any questions or requests about the personal information I process.
​
1. What are your rights?
I am committed to protecting your rights to privacy. They include:
-Right to be informed about what I do with your personal data
-Right to have a copy of all the personal information I process about you
-Right to rectification of any inaccurate data I process, and to add to the information I hold about you if it is incomplete
-Right to be forgotten and your personal data destroyed
-Right to restrict the processing of your personal data
-Right to object to the processing I carry out based on my legitimate interest
2. Why do I collect information about you?
I may collect information about you because you are a patient or client.
I process the data because it is in my legitimate interests as a Counselling Psychologist to do so. I need to see and analyse documents containing this information to carry out an assessment or to deliver services.
​
As a client or patient of Dr Gözde Arslan my lawful reason for processing “special category data” is that it is necessary for the purposes of the provision of health or social care or treatment.
​
3. What information do I collect about you?
I collect information about you that may include personal or sensitive information, such as:
First name or given name
Family name or surname
Address
Telephone/SMS numbers
Email address
Gender (or preferred identity).
Age
Date of Birth
Relationships & children
Occupation
Religion
Ethnicity
Sexuality
Health insurance details
​
To make sure that you are assessed and/or treated safely and appropriately, I record your personal information, such as your name, address, as well as all contacts you have with the Company such as appointments and the results of assessments and letters relating to your care/report. Your data is kept confidential within the Company at all times.
​
I also process personal data pursuant to my legitimate interests in running my business such as:
​
Invoices and receipts
Accounts and tax returns
Please see section below on information about my website cookies.
​
Patients/Clients (Therapy or private assessment)
When you are a patient or client of Dr Gözde Arslan I record all your treatment and details of your appointment so that I can plan your treatment correctly. In addition to the personal information above, I may also collect information regarding:
Medical conditions (if relevant)
Prescribed medication
Psychological history and current difficulties
Offences (including alleged offences)
Financial information, including bank account details
Web access collection of information
I collect information when you voluntarily complete contact forms. I always try to minimise the amount of personal information that I require in order to provide a specific service.
​
My website uses Cookies. Cookies are small text files that are placed on your computer’s hard drive by your web browser when you visit any website. They allow information gathered on one web page to be stored until it is needed for use on another, allowing a website to provide you with a personalised experience and the website owner with statistics about how you use the website so that it can be improved. Some cookies may last for a defined period of time, such as one day or until you close your browser. Others last indefinitely. Your web browser should allow you to delete any you choose. It also should allow you to prevent or limit their use. Cookies are placed by software that operates on our servers, and by software operated by third parties whose services we use.
Requests by your web browser to our servers for web pages and other content on our website are recorded.
Information such as your geographical location, your Internet service provider and your IP address may be recorded. Information about the software you are using to browse our website, such as the type of computer or device and the screen resolution may also be recorded.
​
I use cookies and information provided by your web browser to track how people use my website to help improve the way I provide content to users.
​
5. How do I store the information about you?
I take your privacy very seriously.
I am committed to taking reasonable steps to protect any individual identifying information that you provide to me. Once I receive your data, I make best efforts to ensure its security.
All personal information provided is stored in compliance with EU General Data Protection Regulations (GDPR) rules. More information is provided prior to first appointment.
​
6. How long do I keep your information for?
I do not keep your data for longer than is necessary.
​
Administrative data is retained for up to seven years from the point of last contact as necessary, in the unlikely event there are queries from HMRC. Where it is not necessary to retain the data for seven years, it is destroyed as soon as possible.
Patients/Clients (Therapy or private assessment)
Personal data is retained, where necessary, for seven years from the point of last contact in compliance with my professional indemnity and professional regulations. For clients under the age of 18, personal data is retained until their 26th birthday or seven years after our last contact, whichever is the later.
7. Who do I share your personal information with?
Your information is kept confidential within the Company at all times. Where possible I will anonymise information so that individual patients cannot be identified.
​
If I become aware of your intent to cause harm to another person/organisation (e.g. terrorism), the law may require that I inform an authority without seeking your permission. In such a situation, the law may require that I share your personal information without your knowledge.
By contacting the Information Security Officer, by email and/or using the address below you can also get more details on:
agreements I have with other organisations for sharing information;
-circumstances where I can pass on personal data without consent for example, to prevent and detect crime and to produce anonymised statistics;
-how I check that the information I hold is accurate and up to date
Special category data and personnel files held electronically are encrypted with restricted access.
​
For those funding through health insurance, personal information including your name, address, date of birth, membership number and authorisation number may be stored on the Healthcode system for the purposes of invoicing your insurers securely.
​
Patients/Clients (Therapy or private assessment)
Your information may be shared with outside organisations if they are directly involved in your care/case, for instance, your insurer if they are funding your treatment, your GP, or others involved in your care. I will discuss with you who I would discuss your care with, and what details I would share with them.
If your health is in jeopardy I may share your contact information with an emergency healthcare service (e.g. Mental Health Crisis Team). If you are a child and your health is in jeopardy I may share information with your parent / guardian.
​
In many circumstances I will not disclose personal data without consent.
However, when I investigate a complaint I may need to share personal information with other relevant bodies.
If I do need to share your information, I will always try and ask for your permission for this. I may not be able to ask your permission under special circumstances where we are legally required to do so.
8. How you can access your information and correct it, if necessary?
I try to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if I hold any personal information by making a ‘subject access request’ or ‘Right of Access’ under the Data Protection Act and the General Data Protection Regulation. I will then:
-Supply a description of all data I hold about you
-Inform you how it was obtained (if not supplied by you)
-Inform you why, what purposes, I am holding it
-What categories of personal data is concerned
-Inform you who it could be disclosed to
-Inform you of the retention periods of the data
-Inform you around any automated decision making including profiling
-Let you have a copy of the information in an intelligible electronic form unless otherwise requested.
To make a request to me for any personal information I may hold you need to put the request in writing. I want to make sure that your personal information is accurate and up to date. You may ask me to correct or remove information you think is inaccurate, please address these changes to me via email, info@blueorchidcounselling.com
9. Complaints or queries
I try to meet the highest standards when collecting and using personal information. For this reason, I take any complaints I receive about this very seriously. I encourage people to bring it to my attention if they think that my collection or use of information is unfair, misleading or inappropriate. I would also welcome any suggestions for improving my procedures.
​
If you are not satisfied with the response from me or believe I am not processing your personal data in accordance with the law you have the right to raise your complaint with the Information Commissioner’s Office (ICO)
Contact information ICO:
Website: https://ico.org.uk/concerns/
Email: casework@ico.org.uk
Telephone: +44 (0) 303 123 1113