Privacy Policy
 

At Jewels of G.R.A.C.E Therapy

Your privacy is extremely important to me. This Privacy Policy explains how I collect, use, and store your personal information in compliance with the Data Protection Act 2018 and the General Data Protection Regulation (GDPR). I am committed to ensuring that your information is handled securely, confidentially, and in line with my obligations as a registered member of the British Association for Counselling and Psychotherapy (BACP) and the Information Commissioner’s Office (ICO).

By using this website and my services, you consent to the terms of this Privacy Policy.

---

1. Information I Collect

When you use my services or interact with my website, I may collect the following types of information:  

Personal Information: Name, address, email address, phone number, and other contact details.

Special Category Data: Health and wellbeing information shared during counselling sessions, which is processed with your explicit consent.

Booking Information: Details you provide when booking appointments via my booking page run by Zoho Bookings.

Website Usage Data: Information collected via cookies or analytics tools .

---

2. Lawful Bases for Processing

I process your personal data under the following lawful bases:

Contractual Obligation: To provide you with counselling services.

Explicit Consent: For processing special category data, such as health information.

Legitimate Interests: To maintain accurate records and provide a safe and effective service.

---

3. How I Use Your Information

Your information is used for the following purposes:

To provide counselling services tailored to your needs.

To manage bookings and communicate with you regarding appointments.

To comply with legal, regulatory, and professional obligations.

To maintain accurate and secure records for therapeutic purposes.

---

4. Third-Party Platforms and Links

My website uses third-party platforms to enhance your experience:

Zoho Booking System: When you book an appointment, you will be redirected to Zoho Bookings platform, which is GDPR-compliant. Zoho Bookings may collect and store your information as part of the booking process. For more details, please review Zoho Bookings Privacy Policy.

Instagram Widget: My website features an Instagram widget, which may collect data about your interaction. Please refer to Instagram’s Privacy Policy for more information.

I am not responsible for the privacy practices of third-party websites, and I encourage you to review their policies directly.

---

5. Cookies and Website Tracking

This website may use cookies to enhance your browsing experience. Cookies are small files stored on your device to track website usage and improve functionality. You can manage or disable cookies via your browser settings.

If analytics or tracking tools are used, they will comply with GDPR requirements. A cookie consent banner will appear on your first visit to this site, allowing you to manage your preferences.

---

6. Confidentiality

All information shared in counselling sessions is confidential and will not be disclosed to third parties unless:

Required by law (e.g., safeguarding concerns or court orders).

There is a risk of serious harm to yourself or others.

You provide explicit consent to share information (e.g., with another healthcare provider).

Where possible, I will discuss any necessary breaches of confidentiality with you beforehand.

---

7. Data Storage and Security

Personal information is stored securely, whether in digital or physical format.

Paper records are stored in locked files.

Digital data is encrypted, password-protected, and stored in GDPR-compliant systems.

Zoho Bookings handles booking data on its secure platform.

---

8. How Long I Keep Your Data

I retain client records for up to 7 years after our last contact, as required by professional guidelines. After this period, records are securely destroyed.

---

9. Your Rights

Under GDPR, you have the following rights:

Access: Request access to the information I hold about you.

Correction: Request corrections to any inaccurate or incomplete data.

Erasure: Request deletion of your data, subject to legal or professional record-keeping requirements.

Restriction: Restrict how your data is processed in certain circumstances.

Objection: Object to the processing of your data under legitimate interests.

Data Portability: Request your data in a portable format.

To exercise any of these rights, please contact me using the details below.

---

10. Data Breaches

In the unlikely event of a data breach, I will notify affected individuals and the ICO as required by law.

---

11. Children and Vulnerable Adults

If you are under 18 or a vulnerable adult, I require parental/guardian consent or appropriate support to process your personal data.

---

12. Contact Details

If you have any questions about this Privacy Policy or how your data is handled, please contact me at:

Email: julie@jewelsofgracetherapy.co.uk

Phone: +44 7514695554

ICO Registration:

Jewels of G.R.A.C.E Therapy is registered with the Information Commissioner’s Office (ICO) under registration number ZB856653.

If you are not satisfied with how your data is managed, you have the right to contact the Information Commissioner’s Office (ICO) at www.ico.org.uk.

---

13. Updates to This Policy

This Privacy Policy may be updated periodically to reflect changes in legal or professional requirements. The latest version will always be available on my website.

Updated on 04/02/25