top of page

Privacy Statement and Data Protection policy

Company number: 15224269

Owner/Director: Jane Winson, Systemic Family Psychotherapist

Registered with ICO: 00015385610

​

Reflection Connection Therapy offer psychotherapy including clinical supervision and consultancy services to individuals, couples, families, organisations. Reflection Connection Therapy is registered with the Information Commissioners Office (ICO) and committed to keeping up to date and being informed of requirements of managing all data in a safe and secure way. 

​

General Data Protection Regulation (GDPR) came into effect from 25 May 2018. The purpose of GDPR is to provide a set of standardised data protection laws across all EU member countries.

 

This document sets out how Jane Winson, Director complies with these laws.

​

Data control

Jane Winson, Directory is the data controller for Reflection Connection Therapy Ltd. We adhere GDPR (2018) regulations in relation to managing data. Any questions or queries can be sent by email to jane@reflectconnecttherapy.co.uk

​

What personal data we process

Reflection Connection Therapy Ltd collects and processes the following personal data from therapy clients:

  • Personal data: basic contact information: name, address, email, contact number, video conference ID (if online therapy), and GP contact details.

  • Sensitive personal data: Signed consent to the psychotherapy agreement, psychotherapy records, clinical supervision contracts, clinical supervision records, (therapist notes, letters, reports and/or outcome measures).

​

The lawful basis for processing personal data

Reflection Connection Therapy Ltd has a legitimate interest in using the personal data and sensitive personal data we collect to provide psychotherapy inclusive of clinical supervision, and consultancy services. It is necessary for us to collect this data to be able to provide psychotherapy to clients and clinical supervision and consultancy to identify clients, should an issue or risk arise and the GP needs contacting or a safeguarding issue reported to the relevant team (see Safeguarding children and vulnerable adults policy). We may also ask for feedback on how you experienced our service for the purpose of our own marketing research. We will never sell your information to others.

​

What we do with your personal information

We take your privacy seriously. We will only use your personal information to provide the services you have requested from us. If you do not provide the personal information requested, then we may be unable to provide a psychotherapy service to you as we must collect identifiable information in case there is a concern regarding risk to self and others and we need to contact a third party concerning this risk.

​

How long we store personal information.

We will only store your personal information for as long as it is required by standard for our service and governing bodies. The sensitive personal data defined above is stored for a period of 7 years after the end of psychotherapy. After this time, this data is deleted at the end of each calendar year. No card payment details are stored, they are all taken using licensed payment process Software of Izettle or Stripe. 

​

How your personal information is used

We use the information we collect to (1) Provide our services to you (2) send you information related to a change in our services. 

​

Sharing your information

We hold information about each of our clients and the psychotherapy service they receive in confidence.  This means that we will not normally share your personal information with anyone else. However, there are exceptions to this when there may be need for liaison with other parties:

  • If you are referred by your health insurance provider, or otherwise claiming through a health insurance policy to fund therapy, then we will share appointment schedules with that organisation for the purposes of billing.

​​

In exceptional circumstances, we might need to share personal information with relevant authorities:

  • When there is need-to-know information for another health provider, such as your GP.

  • When disclosure is in the public interest, to prevent a miscarriage of justice or where there is a legal duty, for example a Court Order.

  • When the information concerns risk of harm to the client, or risk of harm to another adult or a child. We will try to discuss such a proposed disclosure with you unless we believe that to do so could increase the level of risk to you or to someone else.

 

What we will NOT do with your personal information – We will not share your personal information with third parties for marketing purposes.

​

How we ensure the security of personal information

Personal information is minimised in phone and email communication. We use a password protected Wifi and information stored on the computer and work phone is password protected.  

 

Any information stored on third party servers e.g. OneDrive is protected with two factor authentications.

​

Personal information is also stored on an office computer and on a secure server owned by Reflection Connection Therapy Ltd. These are password protected. Malware and antivirus protection are installed on all computing devices.  Mobile devices are protected with a passcode.

​

Your right to access the personal information we hold about you 

  • You have a right to access the information we hold about you.

  • We will usually share this with you within 30 days of receiving a request.

  • There may be an admin fee for supplying the information to you.

  • We may request further evidence from you to check your identity.

  • A copy of your personal information will usually be sent to you in a permanent form (that is, a printed copy). 

  • You have a right to get your personal information corrected if it is inaccurate.

  • You can complain to a regulator. If you think that we haven’t complied with data protection laws, you have a right to lodge a complaint with the Information Commissioner’s Office.

 

Reflection Connection Therapy Ltd reserves the right to refuse a request to delete a client’s personal information where this is psychotherapy records. Therapy records are retained for a period of 7 years in accordance with the guidelines and requirements for record keeping by the UKCP.

​

Policy written January 2024

To be Reviewed January 2026

Reflect and Connect Psychotherapy offers tailored, evidence-based psychological interventions for individuals, couples, and families. Led by UKCP-registered therapist Jane Winson, with over 15 years’ experience, we specialize in addressing trauma and life challenges. Based in Rocester, Staffordshire, we provide in-person and online sessions in a confidential, supportive environment.

​Reflection Connection Therapy Ltd

ICO registered 00018637598

UKCP registered 2011169847

DBS checked

Company Number 15224269

Privacy Policy

© Reflect & Connect  Psychotherapy 2025. Website design by Effortless Websites.

bottom of page