HomePrivacy Policy
Privacy Policy

Please read this carefully before using our website or services. If you do not agree with these terms you are not advised to use this website or services.

Your use of this website is deemed to be an agreement with this Privacy Policy and our Terms and Conditions. Please do not continue to use our website or services if you do not agree to these terms. We may make changes to these terms without giving notice. Please check them from time to time and make note of any changes.

In order to provide you with the best service possible CAS needs to hold your personal contact details and records of your appointments. This privacy notice tells you what CAS will do with your personal information from your initial contact up until after therapy has ended.

This policy outlines your rights and CAS’ obligations to you with regard to the recording and storage of your personal information. In this privacy policy CAS will let you know what information is required to be collected before and during your appointments with CAS. CAS will set out how your information will be stored, how long for and who this will be shared with.

CAS Psychological Services adheres to current data protection legislation, including the General Data Protection Regulation (EU/2016/679) (the GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003. CAS also adheres to the ethical guidelines regarding protecting client privacy and confidentiality set by the British Psychological Society (BPS).

What the GDPR States

The GDPR states that CAS must have a lawful basis for processing your personal data. There are different lawful bases depending on the stage at which CAS is processing your data.

  • If you have had therapy through CAS and it has now ended, CAS will use legitimate interest as lawful basis for holding and using your personal information.
  • If you are currently having therapy of if you are in contact with CAS to consider therapy your personal data, CAS will process your personal information where it is necessary for the performance of the contact.

The GDPR ensures CAS will look after any sensitive personal information that you may disclose appropriately.

The GDPR require all organisations to store personal information about people may only do so provided the information is:

  • Processed lawfully, fairly and in a transparent manner.
  • Collected for specified, explicit and legitimate purposes.
  • Adequate, relevant and limited to what is necessary; accurate and, where necessary.
  • Kept up to date; kept in a form that permits identification of information subjects for no longer than is necessary for the purposes for which the personal information 
  • Processed in a manner that ensures appropriate security of the personal information
Why does CAS need to process your personal information

CAS will need to store your personal information both electronically and where necessary in hard copy in order to fulfill the contract that will be or has been entered into with you . Personal information is stored electronically on devices that are password and/or fingerprint I.D. protected, and in files that are further password protected and only accessible by specified clinical professionals involved in your care. Names and contact details are stored separately to other personal information (anonymised format).

At the end of your treatment with CAS all clinical notes will be archived electronically on a password protected drive for a period of 5 years.

Consultation Stage

When booking your first appointment with CAS, brief personal information will be stored to aid processing your enquiry. CAS will meet with you prior to your appointment via the telephone. During this meeting you will be asked to provide your name, preferred contact number, address, psychological concerns that you would like to address and symptoms.

This information is requested so that you can be kept up to date and in case of any unforeseen circumstances which may impact your appointment. If you do not wish to be contacted under any circumstances you do not need to provide a contact method.

Who will my personal information be shared with?

Some of your personal information may be shared with your GP, healthcare professionals currently involved in your care, or other professionals under exceptional circumstances. Examples of this include by requirement of a court order, the threat of serious physical harm to you or others. Your clinical professional will receive supervision, it is expected that they discuss their clinical work which includes divulging confidential information to their supervisor. 

 

Confidentiality will only be broken if there are legal or ethical obligations to disclose, for example, if you disclose abuse/neglect of a child or vulnerable adult, or say something else that implies serious harm to yourself or others, or if a court of law requires me to disclose information.

 We will seek your consent to share this information in an anonymised form for marketing and research. If you wish to opt out of this, you can do this at any time by contacting CAS and informing us. We may also use your information to share information about services we think you may be interested in, unless you have opted out of this. We have a mailing list which you may opt out of also.

Complaints

If you have any complaints about how CAS handles your personal information, please do not hesitate to get in touch by emailing or using the contact form on the website. If you want to make a formal complaint about the way your personal information has been processed you can contact the ICO which is the statutory body that oversees data protection law in the UK. Helpline number: 0303 123 1113. 

Website: https://www.ico.org.uk.

For more information go to ico.org.uk/make-a-complaint.