How will my data be stored?
In May 2018 the Data Protection Act was replaced by the General Data Protection Regulations (GDPR). The changes to the Data Protection Act are aimed at ensuring that your personal, confidential and sometimes sensitive data, is held privately and
securely.

How long will you hold my data?
I am registered with the Hypnotherapy Directory, the National Hypnotherapy Society, and accredited by the Professional Standards Authority. I must hold your data for 8 years after your final session. Unless you are under 16 years old, in which case I must hold your data until your 25th birthday. If you are 17 years old when your sessions come to an end I must keep your data until your 26th birthday. Therefore, all records will be deleted in the January after the above retention scales. This is in line with NHS regulations for data handling.

What if I would like my data to be destroyed before this date?
Under GDPR you are able to request the deletion of your records at any time.

Am I able to see or get a copy of the data held about me by you?
Under GDPR you are able to see and/or get a copy of the data I hold about you within 30 days.

What are your reasons for collecting data?
I collect data about why you are using my services, a small amount of medical information and a small amount of information about your partner and/or family, alongside brief session notes. This information enables me to provide a high quality service to you. Your contact details, address and doctors details will only be used with your consent.

How do I know that you will store my data securely? 
All hardcopy documents are stored in a locked cabinet in a locked room. My work phone is secured with a pin code. My email account requires a user name and password. Any attachments sent by email to you containing your personal information are password protected and the password would be sent to you via text message. Any electronic documents e.g. a letter to your GP, or an invoice, are password protected and stored on a password protected computer if they contain personal or sensitive information.

Are our discussions within the hypnotherapy sessions confidential? Our sessions together are confidential. The only times I would ever break confidentiality is if you were to indicate any criminal activity or safeguarding concerns, for example if you were to suggest that you were in immediate danger, if you posed an immediate danger to yourself or to others. In the very unlikely event that confidentiality had to be broken I would aim to inform you every step of the way. All therapists are required to have regular supervision sessions to ensure that we are providing the best care possible to their clients. During my supervision sessions I may discuss aspects of our practice however you would remain anonymous. If I was issued with a police warrant or court order for your information, by law I would also have to provide them with your information.

What if I see you outside of a hypnotherapy session in real life or online?
I will not approach you online or in real life unless we have a prior relationship. Should you approach me I will allow you to disclose how we know each other but only if you wish to do so. Otherwise our connection to one another will remain private.

Will you discuss information about me with other health and social care professionals?
I will only discuss information about you with other health and social care professionals with your consent and only if strictly necessary for the continuation of our work together. 

Data controller
The ICO data controller is Gemma Aked-Priestley (Discover Therapy)
ICO registration number: XXXXX