Therapeutic Counsellor &

Clinical Supervisor

EMDR Therapy

South Croydon (Selsdon)

Reg. Member MBACP (Accred)

Privacy Statement

I am registered with the ICO (Information Commissioners Office) and adhere to the General Data Protection Regulation (GDPR) which means I need to tell you what data I am collecting from you and what I intend to do with it.


Collection and usage of your personal data

  • I collect personal and sensitive information about clients (including name, address, email address, telephone numbers, GP/emergency details, date of birth, gender, ethnicity, religion, sexual orientation, medical and mental health information).
  • I use the information to provide an effective counselling services, to contact clients regarding sessions and to send receipts and/or invoices.
  • I keep short factual notes of sessions and a record of attendance.


Sharing of client data

  • I might share data if required by law, or if ordered to by a court or if a client tells me about risk of serious harm to themselves or someone else.
  • I have clinical supervision where I talk about my work, but I only use a client's first name. Supervision is also confidential.
  • All payments are recorded in my accounts using a client's name and might be shared with HMRC if I am audited.
  • If an Employee Assistance Programme (EAP) has referred you, factual notes and attendance details will be provided to the EAP.


Storage and disposal of data

  • Most of my records are stored securely using BacPac ( which is a fully encrypted cloud based online system for counsellors. My financial accounts, email, mobile phone and diary system are all electronic and password protected. Any paper records are stored securely in a locked cabinet.
  • My insurer requires me to keep counselling session notes and client personal information for a period of five years. After this time data will be destroyed.
  • I will delete any data related to clients from my business mobile phone and email no later than one month after ending the counselling agreement.


Access to or change of client data

  • A client can make a subject access request in respect of their personal information held by me by making a request in writing. Once I receive the written request, I will respond within 14 days. If a client were referred by an EAP, they should address the request directly to them.
  • If during counselling information is provided by more than one individual (couples counselling) I will only release information if consent has been given by both individuals involved.
  • A client may also request that inaccurate personal data is amended.



If a client has any concerns about how I have handled their data, a complaint can be made to the Information Commissioner’s Office (ICO):


BACP Membership No: 750482

BACP Register No: 156181

© Talking It Over Counselling - Cecilie Sasu - 2015-2018