top of page

Privacy and Data Protection Policy
 

Last reviewed: 03 November 2025
Next review due: 03 November 2027
 

1. Introduction and Purpose

Peterborough Counselling Limited (“we”, “our”, “us”) is committed to protecting your privacy and personal data.
This Privacy and Data Protection Policy explains how we collect, use, store, and protect information in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
 

This policy applies both to:

2. Data Controller Details

Data Controller: Administration
Contact Details: - | 01733 767279
ICO Registration Number: ZA221088
 

3. What Data We Collect and Why

We collect and process personal data to provide safe, effective counselling services and to manage client and website enquiries.​


4. Confidentiality

All information shared during counselling sessions is strictly confidential.
Exceptions apply if:

  • There is reason to believe you or someone else is at serious risk of harm.

  • Disclosure is required by law (e.g., safeguarding, terrorism, or money-laundering concerns).

  • Data is shared anonymously in professional supervision to maintain high standards of care. Supervisors are also bound by confidentiality.

Where possible, any necessary disclosure will be discussed with you beforehand.

 

5. Data Storage and Security

All client records are securely stored either in locked filing cabinets or on encrypted, password-protected digital systems.
Only authorised administrative staff and counsellors have access to relevant client data.

​

Digital communication (emails, text messages, and contact form submissions) is used for administrative purposes only.
We take all reasonable steps to protect information transmitted through our website and email systems.

​

6. Data Retention

Professional bodies (e.g., BACP, NCS) and insurance providers require client records to be retained for a specified period after therapy ends - typically 7 years.
After this period, all records are securely destroyed (shredded or permanently deleted).

 

7. Your Rights

Under UK GDPR, you have the following rights:

  • Right of Access: Request a copy of the information we hold about you.

  • Right to Rectification: Request corrections to inaccurate or incomplete data.

  • Right to Erasure: Request deletion of your data (subject to legal and professional obligations).

  • Right to Restrict Processing: Request that we limit the way your data is used.

  • Right to Data Portability: Request a copy of your data in a transferable format.

  • Right to Object: Object to the processing of your data in certain circumstances.


To exercise any of these rights, please contact us using the details above.

​

8. Sharing of Data

We do not share personal data with third parties without your explicit consent, except where required by law or to prevent serious harm as outlined in Section 4.
 

9. Website Cookies and Analytics

Our website uses only essential cookies required for basic functionality and security.
We do not use cookies for marketing, tracking, or advertising purposes.

 

If you contact us through our website, we will use the information you provide (such as name, email address, and phone number) solely to respond to your enquiry.

 

10. Data Breaches

In the unlikely event of a data breach that may compromise your personal information, we will notify you and, where required, the Information Commissioner’s Office (ICO) within 72 hours.


11. Complaints

If you have concerns about how we handle your personal data, please contact us directly.
If you remain dissatisfied, you have the right to complain to the Information Commissioner’s Office (ICO):

12. Policy Review

This policy is reviewed regularly to ensure continued compliance and accuracy.


Last Reviewed: 03 November 2025
Next Review Due: 03 November 2027

bottom of page