The General Data Protection Regulation (GDPR) is concerned with the personal information about you and how it is collected, stored and shared. This is the GDPR statement of Vanda Varga, NLP/Hypnotherapy Master Practitioner and Trainer offering psychological therapy/coaching/training in person and online as well as related online resources.
The information collected will depend on how you (the client) interact with our services, i.e. whether you access services online (such as free resources) and/or in person / online therapy, coaching or training.
Online Information Collection
Information is also collected about you when you visit my website when you sign up to consultations, workshops, training, newsletter, etc. All private information is processed and kept in compliance with UK GDPR guidelines.
I also make use of Google Analytics and cookies. – These are simply to make site navigation easier, and load pages of the site more quickly. These cookies can be removed at any time.
If you do not consent to personal information being sent to me online , you may be unable to make use of some of the services currently available through my website.
I minimise personal information collected when providing a specific service or accessing a specific feature of the website.
- Storing pre-consultation information (collected when booking a consultation online): When you book online, you are asked to provide some details about you and what you are looking for. The details collected are your name, whether you are seeking online/in-person therapy, individual/couple therapy, reasons for seeking therapy, current issues, coping strategies, whether able to commit to weekly sessions and whether you approve being sent emails relating to therapy/coaching/training sessions.
- Free resources: When you sign up for free resources, on online system is used for delivering the response, and add your name to my mailing list.
- Only your name and email address and phone number are collected. I will only contact you via text message of phone calls if I am in doubt that my email reached you, unless otherwise agreed. You can update your email preferences at all times by contacting me or following the link at the end of every email.
Cookies and marketing
By signing up and attending to any workshops or training, you agree to the following: You understand that all trainings/workshops may be recorded and shared across all platforms. You understand that all recordings form the intellectual property of Vanda Varga and you consent to all recordings and images you may appear in to be shared across all platforms and to be used for educational and/or marketing purposes in the discretion of the trainer, Vanda Varga and co.
Health record collection and confidentiality
Your session records will be kept confidential and all information is stored securely.
I follow the ethical guidelines of the ICO to ensure that your information is collected and stored securely.
At our initial consultation, should you decide to work with me, I will collect some personal information including: name, date of birth, address, phone number, and email address, medical information, emergency contact’s details, etc. I keep paper records of your appointments, brief notes on the topics covered during the sessions and your concerns.
Session related information and topics covered in the sessions will be stored in paper form and/or electronically for 7 years from our last appointment insurance purposes. This is in line with GDPR guidance.
Your personal details and any information collected during the initial consultation (including possible referral letters, questionnaires) are stored in paper format in a locked cabinet.
Once our sessions have reached a conclusion, hard copies of the session notes are stored in a locked cabinet. The information is kept up to 7 years after you have completed working with me for legal reasons. This is in line with GDPR guidance.
As part of the initial consultation process, I collect information about whether you are happy for your GP to be informed about your contact with me and if they would like to provide additional support . At times I may seek further consent to share information if necessary and if so, you will be informed of that prior to me making contact with your GP.
Storage Methods for clinical services:
- Paper written notes as described above
- Electronic storage: necessarily brief session notes covering the topics covered are held stored electronically and protected with a password and are encrypted. The notes are printed out and placed in a hard copy file which stored in a locked cabinet.
- Phone: I do not store your contact details on my mobile phone unless agreed otherwise. SMS is not used for general communication.
- Email: I used zohomail based email. Your email address and all messages will be stored in my email account safely and securely for future communication purposes in line with GDPR guidelines.
- Website: your personal information is not stored on my website, other than to momentarily collect & send it to my email account for the purposes of contacting you about your personal sessions, workshops or training.
As part of ethical practice, I seek regular consultation with a mentor, who is trained in NLP & Hypnosis. The consultation process is also confidential and no personal details other than first name will be shared. This is a verbal process which is to ensure my professional development.
You will be asked to sign a consent form if it is necessary to share information with a third party. The only exceptions to your giving consent to share information may be if I consider you were a danger to yourself or others. If this is the case, it is my legal obligation under the duty of care and safeguarding to take the relevant and appropriate steps for your and others’ safety.
In case of emergency
If I have reason to believe that you are at risk to yourself, to someone else, or there are child protection issues that arise as the result of our sessions, I am required to act upon these concerns.
In that case I am obliged to breach confidentiality by speaking to e.g. a crisis team (harm to self) or the police (harm to others / an organisation e.g. in case of terrorism) or child protection services / NSPCC.
If I have to breach confidentiality, wherever possible I will discuss this with you first.
If I were to encounter an emergency and unable to make contact, your name and contact details might be shared with a trusted person (your emergency contact) to inform you about the changes in our meetings. No other personal information would be shared.
Complaints should be addressed to me personally in the first instance. As I would hope to resolve your issues to your complete satisfaction. I hold all relevant insurance, and certificates of current status is displayed in my premises.
You have the following rights…
- To be informed what information is collected and how it is stored
- To see the information I hold about you
- To rectify any inaccurate or incomplete personal information
- To withdraw consent to me using your personal information
- To request your personal information be erased (although if the information is needed for me to practice lawfully and ethically, I can decline)
Or visit the website and use the contact page to send your enquiry.