Iona Wellbeing Privacy Policy

Statement of Intent

This policy sets out how Iona Wellbeing uses and protects the information that you provide when you use our website and services. We intend to ensure any data is processed and stored securely, managed respectfully and used only for the purposes of which it has been provided. This policy will be updated from time to time in line with prevailing legislation.

 

The type of personal information we collect and what we do with this information:

When you contact us via our website, phone or email we will collect your:

  • Name

  • Email Address

  • Telephone Number

  • Any information you choose to supply regarding the purpose of your enquiry.

This information will be used to contact you with further information regarding our services and to arrange appointments. During your Initial Consultation we will ask for further details including your date of birth, occupation/ education, emergency contact details, GP and health details including any medications and what you would like solution focused hypnotherapy to help with. There are certain conditions where hypnotherapy is contraindicated. With this information we are able to understand if hypnotherapy may be suitable for you and it allows therapy to be adapted in accordance with your individual needs. Case notes will be taken during sessions to enable effective planning of future sessions and to ensure continuity.

How will my data be stored?

In May 2018 the Data Protection Act was replaced by the General Data Protection Regulations (GDPR). The changes to the Data Protection Act are aimed at ensuring that your personal, confidential and sometimes sensitive data, is held privately and securely.

How long will my information be held for?

Written records are stored securely in line with current guidance from the National Council for Hypnotherapy (NCH), which is for 8 years after the last interaction with an adult client and up to the age of 25 for a child under 16 when last seen, or 26 years of age for a 17-18 year old.

What if I would like my data to be destroyed before this date?

Under GDPR rules, you are entitled to request the deletion of any of your records at any time.

Am I able to see or get a copy of the information held?

In line with GDPR, yes, within 30 days.

How will my information be securely stored?

Any information containing personal details will be stored securely, electronically with virus software and password protection.

Are discussions within the hypnotherapy sessions confidential?

Yes, unless further support is required from a supervisor or if there is evidence of risk.

Will information about me be shared with other health and social care professionals?

Contact with your GP or other care providers may be necessary if you are at risk or if there are elements of care which need to be discussed. Your written consent is required if GP contact is necessary.

Data controller - Camilla Davenport.

Last Updated - April 2023