Allister Murdoch Privacy Policy
This page sets out my privacy policy as required under GDPR. It describes how I look after and use any information you may give me, either as a client, a prospective client, someone who has communicated with me about my services, or as a visitor to my website. It also describes your privacy rights.
Data Controller.
As a sole trader, I (Allister Murdoch) am the Data Controller and am registered as such with the Information Commissioner's Office (ICO).
Reasons for Collection of Information
I am only allowed to collect personal information for proper and lawful reasons. At every stage of my relationship with you, your information will only be processed if it meets at least one of the following conditions.
To fulfil my counselling agreement with you. This includes the collection of information before we enter into a explicit or implicit counselling agreement, during your counselling and after the counselling has concluded.
·To ensure I am giving you a professional and ethical service that complies with the Codes of Practice of the professional organisations I am a member of, and the requirements of my insurers.
When it is my legal duty to collect, store, use or transfer information in order to comply with legislation or the instructions of a court of law
·When it is required to maintain my own safety, your safety or the safety of third parties.
· To monitor the effectiveness of my website, and/or other marketing activity
· To enable financial transactions between us
How Information is Collected
·The personal identifiable information I collect, store and use comes entirely from our conversations, emails, texts and phone calls.
·The information others may hold comes from our online communication and/or from financial transactions between us.
Types of Information Held
Personally Identifiable Information I hold-
·Your contact Information, preferred contact methods & preferred response to accidental contact
·Socio-demographic & locational information, including age, gender, sexuality, past & present location, employment and relationship history, ethnicity, education, health, financial status and past/present relationships.
Communication Information from letters, emails, texts, and phone calls.
·Contracts & Consents. Information about Contracts & Consent such as signed letters of consent.
·Information required to fulfil the counselling agreement between us.
·Information about financial transactions between us.
Anonymised information I hold-
·Information derived from sessions (Case notes)
·Third Parties may also hold information gathered through your interactions with me. This includes,
Information derived from the use of cookies on my website. (Note 1)
Information derived through email, SMS, phone contact between us (Note 1)
·Information about financial transactions between us
·Information derived from the location of our phones (Note 2)
Note 1 - this is meta-data such as date, time, IP address and duration of communication, and usually does not include the content of the conversations. If you are concerned about third parties holding or accessing the meta-data or content of communication please inform me of this and we can explore the use of specialised communication applications to mitigate this. Note 2 - Modern Smartphone applications upload the location of the phone to the application server. This can result in applications such as Facebook deriving a connection between us.
Storage of Information
I store information in two forms
Digitally -
Contact information - Held on Phone, Laptop and backed up in the cloud and locally
Emails - These are held on a laptop, phone and backed up on local devices.
SMS Texts -These are held on a phone, and then they are copied and held in paper form.This is held in a locked filing cabinet
In Paper form -
·Anonymised case notes and information from sessions This is held in a locked filing cabinet
·Letters, signed consents and agreements, sociodemographic information. This is held separately to the case notes also in a locked cabinet.
Information about financial transactions (bank statements). This is held in separately to the above in a file in an unlocked cupboard.
Third Parties may hold information in any form.
Sharing of Information
Statutory bodies when required to by law or instruction of a court of law
Statutory bodies when required to avoid harm to you, me or others
· My accrediting/ethical membership body, insurers and professional advisers in the case of you making a complaint against me
· My professional executor, in the case of my incapacity or death.
· A lawyer - If your information is requested by a court or you raise a legal action against me I may take legal advice, in order to clarify whether the court has jurisdiction and whether the request meets the strict legal criteria required in such cases. In this situation I may consult a lawyer to help me make an informed decision about whether to release some or all the information I hold to the court. Personal information pertinent to the decision will be made available to the lawyer, who will be bound by a Professional Code of Conduct.
·Agreed information, with your written permission, using information that you provide me with your GP, other medical professionals or a named individual in an educational institute.
Who I share anonymised personal information with
·Clinical Supervisors (including specialist supervisors) in order to ensure I am operating effectively and ethically
·Other counsellors who are members of a Professional Register in order to gain insight and information from others who may be more experienced than me.
With your written permission I may share anonymised information with
Other counsellors attending workshops Continuous Professional Development events
·Counselling tutors and examiners in order to gain additional qualifications and accreditations.
How long will I keep your information I will keep your information for a variety of lengths of time depending on how it is held
Digital Information
Basic contact information - contact information, emails, texts, messages and calendar appointments. For technical reasons this information cannot be entirely erased and could therefore remain accessible to a technically competent person until the storage device is destroyed or securely wiped and reformatted.
Paper information
Notes and paper copies of contact information, emails, created media. These will be shredded 3 years after counselling ends. Paper information gathered during the introductory session will be shredded after 14 days if you have not contacted me to arrange paid sessions or chose not to attend any more sessions after the initial session and not inform me.
Marketing
I will never use your information for marketing, or contact you to market a service to you unless you have specifically given consent in writing
Sending of information outside the EU.
I will not knowingly send your personal information outside the EU unless:-
I am required to in order to comply with the instructions of a Court of Law
I have to do so in order to defend myself against a legal action or a complaint brought by you.
·I have your written consent.
Cookie Policy
Cookies are small pieces of information that are placed in your browser to track how you travel through this site and possibly across other websites. some are essential to running this website.
Your Rights
You have a range of legal rights including
· the right to access your personal information
· the right to require me to change any factual mistakes in the information I hold.
· the right to withdraw your consent to the non-essential processing of information*
· the right to request the deletion/destruction of your personal information* (The right to be forgotten)
You can withdraw consent to the use of your personal information and/or request its destruction however there are limits to this right laid down in the legislation. For example you cannot demand the destruction of records of financial transactions.
For more information about your Information Privacy Rights or to make an Information Privacy orientated complaint you can contact the Information Commissioners Office through their website https://ico.org.uk/
Changes to this policy
If I have to make changes to this policy that are inconsistent with the original purposes for which your data was collected I will notify you in advance wherever possible and give you the opportunity to withdraw consent for your information to be processed.
Data Controller.
As a sole trader, I (Allister Murdoch) am the Data Controller and am registered as such with the Information Commissioner's Office (ICO).
Reasons for Collection of Information
I am only allowed to collect personal information for proper and lawful reasons. At every stage of my relationship with you, your information will only be processed if it meets at least one of the following conditions.
To fulfil my counselling agreement with you. This includes the collection of information before we enter into a explicit or implicit counselling agreement, during your counselling and after the counselling has concluded.
·To ensure I am giving you a professional and ethical service that complies with the Codes of Practice of the professional organisations I am a member of, and the requirements of my insurers.
When it is my legal duty to collect, store, use or transfer information in order to comply with legislation or the instructions of a court of law
·When it is required to maintain my own safety, your safety or the safety of third parties.
· To monitor the effectiveness of my website, and/or other marketing activity
· To enable financial transactions between us
How Information is Collected
·The personal identifiable information I collect, store and use comes entirely from our conversations, emails, texts and phone calls.
·The information others may hold comes from our online communication and/or from financial transactions between us.
Types of Information Held
Personally Identifiable Information I hold-
·Your contact Information, preferred contact methods & preferred response to accidental contact
·Socio-demographic & locational information, including age, gender, sexuality, past & present location, employment and relationship history, ethnicity, education, health, financial status and past/present relationships.
Communication Information from letters, emails, texts, and phone calls.
·Contracts & Consents. Information about Contracts & Consent such as signed letters of consent.
·Information required to fulfil the counselling agreement between us.
·Information about financial transactions between us.
Anonymised information I hold-
·Information derived from sessions (Case notes)
·Third Parties may also hold information gathered through your interactions with me. This includes,
Information derived from the use of cookies on my website. (Note 1)
Information derived through email, SMS, phone contact between us (Note 1)
·Information about financial transactions between us
·Information derived from the location of our phones (Note 2)
Note 1 - this is meta-data such as date, time, IP address and duration of communication, and usually does not include the content of the conversations. If you are concerned about third parties holding or accessing the meta-data or content of communication please inform me of this and we can explore the use of specialised communication applications to mitigate this. Note 2 - Modern Smartphone applications upload the location of the phone to the application server. This can result in applications such as Facebook deriving a connection between us.
Storage of Information
I store information in two forms
Digitally -
Contact information - Held on Phone, Laptop and backed up in the cloud and locally
Emails - These are held on a laptop, phone and backed up on local devices.
SMS Texts -These are held on a phone, and then they are copied and held in paper form.This is held in a locked filing cabinet
In Paper form -
·Anonymised case notes and information from sessions This is held in a locked filing cabinet
·Letters, signed consents and agreements, sociodemographic information. This is held separately to the case notes also in a locked cabinet.
Information about financial transactions (bank statements). This is held in separately to the above in a file in an unlocked cupboard.
Third Parties may hold information in any form.
Sharing of Information
Statutory bodies when required to by law or instruction of a court of law
Statutory bodies when required to avoid harm to you, me or others
· My accrediting/ethical membership body, insurers and professional advisers in the case of you making a complaint against me
· My professional executor, in the case of my incapacity or death.
· A lawyer - If your information is requested by a court or you raise a legal action against me I may take legal advice, in order to clarify whether the court has jurisdiction and whether the request meets the strict legal criteria required in such cases. In this situation I may consult a lawyer to help me make an informed decision about whether to release some or all the information I hold to the court. Personal information pertinent to the decision will be made available to the lawyer, who will be bound by a Professional Code of Conduct.
·Agreed information, with your written permission, using information that you provide me with your GP, other medical professionals or a named individual in an educational institute.
Who I share anonymised personal information with
·Clinical Supervisors (including specialist supervisors) in order to ensure I am operating effectively and ethically
·Other counsellors who are members of a Professional Register in order to gain insight and information from others who may be more experienced than me.
With your written permission I may share anonymised information with
Other counsellors attending workshops Continuous Professional Development events
·Counselling tutors and examiners in order to gain additional qualifications and accreditations.
How long will I keep your information I will keep your information for a variety of lengths of time depending on how it is held
Digital Information
Basic contact information - contact information, emails, texts, messages and calendar appointments. For technical reasons this information cannot be entirely erased and could therefore remain accessible to a technically competent person until the storage device is destroyed or securely wiped and reformatted.
Paper information
Notes and paper copies of contact information, emails, created media. These will be shredded 3 years after counselling ends. Paper information gathered during the introductory session will be shredded after 14 days if you have not contacted me to arrange paid sessions or chose not to attend any more sessions after the initial session and not inform me.
Marketing
I will never use your information for marketing, or contact you to market a service to you unless you have specifically given consent in writing
Sending of information outside the EU.
I will not knowingly send your personal information outside the EU unless:-
I am required to in order to comply with the instructions of a Court of Law
I have to do so in order to defend myself against a legal action or a complaint brought by you.
·I have your written consent.
Cookie Policy
Cookies are small pieces of information that are placed in your browser to track how you travel through this site and possibly across other websites. some are essential to running this website.
Your Rights
You have a range of legal rights including
· the right to access your personal information
· the right to require me to change any factual mistakes in the information I hold.
· the right to withdraw your consent to the non-essential processing of information*
· the right to request the deletion/destruction of your personal information* (The right to be forgotten)
You can withdraw consent to the use of your personal information and/or request its destruction however there are limits to this right laid down in the legislation. For example you cannot demand the destruction of records of financial transactions.
For more information about your Information Privacy Rights or to make an Information Privacy orientated complaint you can contact the Information Commissioners Office through their website https://ico.org.uk/
Changes to this policy
If I have to make changes to this policy that are inconsistent with the original purposes for which your data was collected I will notify you in advance wherever possible and give you the opportunity to withdraw consent for your information to be processed.