I am a qualified counsellor and psychotherapist working in private practice. I am a registered member of the British Association for Counselling and Psychotherapy (BACP), and I am committed to protecting your personal data and respecting your privacy.

​

This Privacy Policy explains what personal data I collect, how I use it, and your rights under the UK General Data Protection Regulation (UK GDPR).

​

What information I collect

To provide you with a safe and professional counselling service, I may collect the following personal information:

• Basic contact details – your name, address, email, and phone number

• Emergency contact and GP details – used only if there is serious risk to you or others

• Relevant health information – including prescribed medication (to support your safety in therapy)

• Therapeutic notes – brief anonymised session notes

• Technical information – if you access therapy online, some information such as your IP address may be collected by the video platform used (e.g. Zoom Workplace)

​

Why I collect your data

​I collect and use your data to:

• Provide you with counselling services

• Maintain secure and accurate records in line with professional standards

• Contact you regarding appointments

• Take appropriate action in the event of a serious risk to you or others

• Comply with legal obligations or professional codes of conduct

Your data is collected with your knowledge and consent, either through direct communication or your signed counselling agreement.

​

How your data is stored

​​Your personal information is stored securely:

• Electronic records (such as contact details and anonymised notes) are stored on a password-protected and encrypted device.

• Emails are stored securely via Gmail, which complies with industry-standard security protocols.

• Session notes are anonymised and kept separately from identifiable information.

• No physical paper records are kept.

I will keep anonymised session notes for five years after therapy ends, in line with insurance and ethical guidance, then securely delete them.

​

Sharing your data

I will not share your personal information with any third party unless:

• You give your explicit consent

• I am legally required to do so (e.g. by court order)

• There is serious concern for your safety or someone else’s, and breaking confidentiality is necessary

In such cases, I will always try to speak with you first, unless doing so would increase the risk.

​

Your rights under GDPR

​​You have the right to:

• Access the personal data I hold about you

• Request corrections if your information is inaccurate or incomplete

• Request deletion of your data (in certain circumstances)

• Restrict processing of your data

• Object to how your data is used

• Lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data has been mishandled: www.ico.org.uk

To make a request, please email me at paulbutlincounsellor@gmail.com.

​​

Lawful basis for processing your data

​Under the UK GDPR, the lawful basis for collecting and using your data is:

• Contractual – to provide a counselling service to you

• Legitimate interest – maintaining secure records for professional, ethical and legal reasons

• Vital interest – in rare cases, to protect life in an emergency

• Legal obligation – where required by law

​

Use of cookies and third-party services

​This website may use cookies for basic functionality. Any third-party platforms (e.g. Zoom Workplace) may also collect minimal data to enable remote sessions. Please check their privacy policies for details.

​

Changes to this policy

​​This privacy policy may be updated occasionally to reflect changes in legislation or practice. The most recent version will always be available on this website.

​

Contact

​​If you have any questions about this policy or how your data is handled, please contact: paulbutlincounsellor@gmail.com

​

​

​

​