Privacy Policy

This privacy policy sets out the details of how data is collected and processed through the use of our website, as well as how we process and handle your data should you engage in services with us.

1. Data Controller

The data controllers responsible for the processing of your personal data are Dianne Everitt and the Psychologist you work with. Dianne Everitt and your Psychologist will collect and share relevant information in order to perform the administrative roles related to your work with one of our Psychologists.

All of our Psychologists are registered with the Information Commissioner's Office (ICO). If you have any questions or concerns regarding your personal data, you can contact us at admin@dianneeveritt.com, or contact the Psychologist you are working with directly.

2. Types of Personal Data we Collect

To provide you with counselling and therapy services, we may collect the following types of personal data:

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

Identity Data includes first name, last name, username or similar identifier, marital status, title, date of birth and gender.

Contact Data includes billing address, delivery address, email address and telephone numbers.

Financial Data includes bank account and payment card details.

Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.

Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.

Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.

Usage Data includes information about how you use our website, products and services.

Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

Sensitive Data includes information about your health, including information about your existing and previous medical conditions, medication details, psychiatric history and any other relevant health information to enable us to carry out our services to you.

We require your consent for processing sensitive data, which can be provided verbally and in writing, so when you submit your details, we will further communicate with you asking for you to confirm your consent to this processing. Engaging with services will require your personal and sensitive data to be held.

With the engagement of therapeutic services, we may collect other Special Categories of Personal Data about you, if this is relevant to our work together (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership and genetic and biometric data).

We also receive personal information if:

  •  You consent for us to speak with another party for the purpose of therapy services.

  •  You share details from another provider, such as a letter from a healthcare

    professional.

    We may share your information with other providers if we agree that this would be helpful for you receiving services elsewhere. We will not do this without your explicit consent.

If you fail to provide personal data:
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with services or goods). In this case, we may have to cancel a service or product you have with us but we will notify you if this is the case at the time.

We use different methods to collect data from and about you including through:
· Direct interactions: You may provide some personal data by filling in forms before or during an appointment, verbally, or by corresponding with us by post, phone, email or otherwise.
· Automated technologies or interactions: As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. · Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources as set out below:

Technical Data from the following parties:

  • analytics providers such as [Google] based outside the EU; advertising networks such as [Facebook] based outside the EU; and

  • search information providers such as [Google] based outside the EU.

  • delivery services such as [Stripe or PayPal] based outside the EU.

  • Contact, Financial and Transaction Data from providers of technical, payment and

3. Legal Basis for Processing Personal Data

Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:

Contractual necessity: Processing your data is necessary to fulfil our contractual obligations in providing therapy services.

Consent: With your explicit consent, we may process data for specific purposes not covered by contractual necessity.

Legal compliance: we may process your data to comply with legal obligations.

Vital interests: In certain circumstances, we may process your data to protect your vital interests or the vital interests of others.

4. Purpose of Data Processing

We collect and process your personal data for the following purposes:

  • Providing therapy and wellbeing support

  • Assessing and monitoring your progress during therapy

  • Managing appointment scheduling and communication

  • Providing diagnostic assessments

  • Processing payments for therapy services.

  • Complying with legal obligations, including record-keeping requirements.

  • Addressing any complaints or concerns you may have.

  • Marketing or communication purposes.

5. Data Retention

By law we have to keep medical information about patients for 7 years after treatment has finished. For any children we treat we are obliged to retain the medical information until 7 years after the child’s 18th birthday. By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) . These will be kept for 6 years after they cease being customers for accounting and tax purposes.

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

6. Data Security

We implement reasonable and appropriate security measures to protect your personal data. These measures include:

· Secure storage and access controls for electronic data.

· Regular review and update of security procedures.

We may share your personal data with the following parties only for their individual selected purposes, outlined in Section 4:

  • Third-party service providers: Secure payment processors, appointment scheduling tools, or electronic health record systems.

  • Professional advisers, acting as processors or joint controllers, including healthcare professionals, lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.

  • Legal or regulatory authorities: As required by law or to protect our legal rights.

  • Supervision and clinical trustee: we engage in clinical case discussion for supervisory purposes and good practice. In the unfortunate situation that we are no longer able to work, arrangements are in place with a Clinical Trustee. The Clinical Trustee will therefore have your name, contact details and any other appropriate information for them to discuss next steps with you.

    We will never sell your personal data to third parties for marketing purposes.

7. International transfers

We may transfer your data outside the European Economic Area (EEA).

Many of our external third parties are based outside the EEA so their processing of your personal data will involve a transfer of data outside the EEA.

8. Your data protection rights

Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.

Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.

Your right to object to processing - You have the right to object to the processing of your personal information in certain circumstances.

Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

9. Changes to the Privacy Policy

We may update this privacy policy from time to time to reflect changes in legal or regulatory requirements or our data processing practices. We will notify you of any significant changes and seek your consent if required by law.

10. Complaints

If you have any concerns about how we handle your personal data, please contact us using the details provided in Section 1. You also have the right to make a complaint with the ICO, the UK's data protection supervisory authority.

Dianne Everitt’s Cookie Policy

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site.

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive.

We use the following cookies:

·       Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.

·       Analytical or performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.

·       Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

·       Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. [We may also share this information with third parties for this purpose.]

You can find more information about the individual cookies we use and the purposes for which we use them in the table below:

Please note that the following third parties may also use cookies, over which we have no control. These named third parties may include, for example, advertising networks and providers of external services like web traffic analysis services. These third party cookies are likely to be analytical cookies or performance cookies or targeting cookies:

[We do not share the information collected by the cookies with any third parties.]

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.

 By engaging in services with any of the Psychologists or administrative staff at Dianne Everitt and Associates, you acknowledge that you have read, understood, and agreed to this privacy policy.