Clinical Services Privacy Notice

Two Doves Therapy is committed to protecting and respecting the privacy of our clients. We comply with the Data Protection Act 2018 and the General Data Protection Regulations.

This Policy explains when and why we collect personal information, how we use it and how we keep it secure.

We review this policy regularly and where necessary make updates to ensure it accurately reflects how we use your data. We will notify you if there are changes which affect how your data is processed.

What information do we collect?

Website Log Files

In common with nearly all Websites, our Servers automatically generate Log files of all requests for files. These Log files do not capture personal information, other than, the user’s IP address, which is automatically recognised by our web servers. The Log files have various uses, one of which, is to generate aggregated analysis of Website usage. They can, for example, measure overall popularity of the site or particular pages within the website. We do not use the logs in an attempt to identify individual users. Please note, however, access to web pages will, typically, create log entries in the systems of your ISP or network service provider. These suppliers may be in a position to identify the client computer equipment used to access a page. Such monitoring would be done by the provider of network services and is beyond the responsibility or control of Two Doves Therapy.

As already confirmed, we make no attempt to track or identify individual users, except where there is a reasonable suspicion that unauthorised access to our system is being attempted. In the case of all users, Two Doves Therapy reserves the right to attempt to identify and track any individual who is reasonably suspected of trying to gain unauthorised access to computer systems or resources operating as part of Two Doves Therapy web services. A condition of using this Website, is all users must give permission for Two Doves Therapy to use its Access Logs when attempting to track users who are reasonably suspected of gaining, or attempting to gain, unauthorised access. No access to raw log files is given to any third party, other than, our own Hosting provider, whom may need to analyse the Log files on our behalf, if we suspect any unauthorised access to our systems.

Cookies

This website does not store any information that would, on its own, allow us to identify individual users of this service without their permission. Some cookies are essential for the operation of this website and are automatically activated in your Browser. Other non-essential cookies are automatically deactivated and require, explicit, authorisation by you to become active. You are able to switch on or off these cookies via the Cookie icon, located in the bottom right corner of any web page. The following are the cookies used on this website;

 

Cookie NameDescription
CookieControlNeccessary. This allows our Cookie Control System to remember your preferences. It will expire in 30 days.
JSESSIONIDNeccessary. This is used by Java applications to identify your unique session on the website. Typically it is used to maintain the integrity of your session, during interaction with our Website e.g. when completing any of our Contact Forms. Each page you visit will generate a random string cookie. They expire when you close the session with our site.
NIDThird-party. Most Google users will have a preferences cookie called ‘NID’ in their browsers and is not under our control. A browser sends this cookie with requests to Google’s sites. The NID cookie contains a unique ID Google uses to remember your preferences and other information, such as your preferred language (e.g. English), how many search results you wish to have shown per page (e.g. 10 or 20), and whether or not you wish to have Google’s SafeSearch filter turned on. In our website, it is activated by the embedded Googlke Maps on our Home and Contact pages. It expires within 30 days.
google.comThe group of Google cookies listed in your Browser when visiting our Website, is due to a Google Map being embedded on our Contact page and is not under our control. For details of Google’s Privacy Policy, please click here.

 

Website Enquiries

If you use our website enquiry service, we will ask you to provide us with your name, a method of contacting you and information about your enquiry into our clinical services. We will only use this information to respond to your enquiry.

Enquiries are kept for a maximum of 2 years.

Clinical Services

We will collect information from you when you register and when you use our clinical services. By providing this information you consent to the data being used as described below. When you register, we will ask you to provide personal contact details including name and contact information (email address, postal address and phone number) and your date of birth. We use this information to identify whether you have previously attended therapy with us and to enable us to contact you regarding your therapy.

If you have been referred by another professional such as your GP, they may provide the registration information to us on your behalf. In some circumstances the referrer may also include a brief summary of why the referral is being made which, may include sensitive personal data. If this is the case, we will write to you to make you aware of, and to ensure you consent to, the referral to our therapeutic services. We will do this in our first communication to you within 30 days of receiving the referral.

When you register for our clinical service, we will ask you to provide the contact details for your General Practitioner (GP). We do not make contact with the GP on a regular basis. In some circumstances it may be helpful to contact your GP to arrange better coordinated care. We would usually discuss this with you beforehand.

Due to the nature of therapy, during the consultation and ongoing sessions you will discuss with your therapist personal and sensitive information relating to your relationships and your family. Your therapist will record a brief summary of each therapy session and any key themes in the therapy. The records may also reference sensitive personal data such as information on health and sexual relationships which is relevant to the relationship therapy. Sensitive and personal information is kept under strictly confidential procedures, designed to satisfy both strict data protection and professional bodies’ regulations.

Correspondence between you and Two Doves Therapy will usually be retained as part of your clinical file.

Marketing

We do not contact clients in our clinical services for marketing purposes. When you end therapy, you will be given the option to be contacted as a Service User to give feedback to help us develop our clinical services. We will only contact you regarding service development if you have given your consent.

Research

During the course of therapy, you may be asked to complete clinical questionnaires which are part of the therapy. Your responses to the clinical measures can also alert your clinician about issues that may need to be talked about in therapy (such as distressing thoughts or actions).

How long do you keep my data?

The data belonging to clients in our clinical service will usually be retained for 8 years after which time it is confidentially destroyed. In exceptional circumstances, for example where clients return for further therapy, we may retain your clinical information for longer- in which case we will notify you.

Who do you share my information with?

We will never sell or rent your information to third parties for marketing purposes.

In relation to your therapy, Two Doves Therapy adheres to a professional code of ethical standards which includes the principle of confidentiality. This means that we would not disclose information about you to a third party without your agreement, except in situations where there was significant concern about harm to you or someone else and this would normally be discussed with you beforehand.

Online Therapy

Zoom

Two Doves Therapy offers individual therapy via the ZOOM platform which is a secure, confidential and reliable video software platform. Two Doves Therapy aims to provide the highest practical levels of client confidentiality protection by using Zoom which uses end to end encryption and is GDPR and HIPAA compliant. We regret we are unable to guarantee complete confidentiality under all circumstances. Monitoring or intrusion by state agencies or by computer service providers operating under state direction may in certain jurisdictions pose a threat to client confidentiality.

Links to other websites

Our website may contain links to other third-party websites. This privacy policy applies only to Two Doves Therapy website and we would ask you to read the privacy policy and notices of any other websites you visit via links from our website.
Your rights

The GDPR gives you certain rights in relation to the data we hold about you. You can exercise the rights outlined below by contacting us:
Email to

Under the GDPR you can:

  • Find out what information we hold about you.
  • Access a copy of the information we hold about you.
  • Rectify any inaccurate or incomplete personal data.
  • Have the right to object to our processing of your personal information.
  • Ask us to delete or restrict how we use your personal information, but this right is determined by applicable law.
  • Have your registration information (if registering using our online booking system) sent to another provider.
  • Have the right to appropriate decision making (TR does not use automated profiling or decision making).
  • Complain to a regulator if you think we have not complied with data protection laws. You can lodge a complaint with the Information Commissioners Office https://ico.org.uk/concerns/

Review of this Policy

We keep this Policy under regular review. This Policy was last updated on 10 December 2020

We hope this policy helps you to understand how we use your data. If you have any questions you can contact us by one of the following methods: Email to:

Two Doves Therapy
17 Queens Avenue
Welwyn Garden City
Hertfordshire
AL7 4BZ