Privacy Policy


Your privacy matters. This policy explains how I collect, use, store, and protect your personal information when you access counselling or mindfulness services through my practice. It follows UK GDPR, the Data Protection Act 2018, and the ethical standards of my professional body.

What Information I Collect

To provide a safe and effective service, I may collect:

  • Your name, contact details, and date of birth

  • Emergency contact and GP details (with your consent)

  • Medical or mental health history relevant to therapy

  • Brief notes from sessions

  • Payment or invoicing details (if applicable)

How I Collect It

Your data is collected:

  • When you contact me via email, phone, or my website

  • During assessment and therapy sessions

  • From any forms or documents you complete

Why I Collect Your Data

I use this information to:

  • Provide personalised counselling

  • Contact you about sessions or changes

  • Meet legal, ethical, and insurance requirements

Lawful Basis for Processing

Your data is processed under:

  • Contract – to deliver counselling services

  • Consent – for sensitive data like health information

  • Legal obligation – for safeguarding or record-keeping

  • Legitimate interests – to run my practice effectively and ethically

How Your Data Is Stored

Your data is stored securely:

  • Electronically with encryption and password protection

  • Paper files (if used) are locked away

  • Your contact info and session notes are stored separately for added privacy

I retain records for up to 7 years after therapy ends, as required by professional and insurance standards, after which they are securely destroyed.

Sharing Your Information

Your data will remain confidential unless:

  • You give explicit, written permission

  • There is a legal obligation to disclose

  • There is a serious risk of harm to yourself or others

  • It is shared anonymously with a supervisor (a required part of ethical practice)

Your Rights

Under UK GDPR, you have the right to:

  • Request access to your personal data

  • Ask for corrections to incorrect or outdated information

  • Request deletion (where appropriate)

  • Withdraw consent at any time

  • Object to or restrict certain uses of your data

To exercise these rights, please contact me directly.

If you are concerned about how your data is handled, you can contact the Information Commissioner’s Office (ICO):
www.ico.org.uk | 0303 123 1113

Online Sessions & Website Use

If we work online (e.g. via Zoom), I use encrypted, secure platforms that comply with GDPR. Sessions are never recorded.

This website may use cookies for basic functionality.

Updates to This Policy

This policy is reviewed regularly and updated when needed. The latest version will always be available on this website.

Questions
Please feel free to contact me at danielle@thejourneymind.co.uk with any concerns or queries about your privacy or this policy.

Effective Date: 21 July 2025
Data Controller: Danielle Frake
Contact: danielle@thejourneymind.co.uk