top of page

Privacy Policy

This information sheet describes the information that I collect and how it is managed when you use my services.

​

I am a Clinical Psychologist offering psychological assessment and treatment to people. To provide you with a service, I will need to keep information about you/your child. I take your privacy and the storage of information very seriously and comply with UK GDPR (General Data Protection Regulation). I follow the law and adhere to the professional codes of conduct stipulated by the Health and Care Professions Council (HCPC) and the British Psychological Society (BPS) to ensure I am delivering safe and quality care. I am registered as a data controller with the ICO (Information Commissioners Office) and my registration number is ZB403835.

​

​

What information do I collect and why?

​

As part of the service I offer, I will collect information from you. This will include personal data such as name, date of birth, address, contact details, school, GP and emergency contact details. I also collect sensitive data such as your gender and health data including psychological and social history and current difficulties.

Some information I collect is considered ‘special category data’. My lawful basis for collecting this information is ‘provision of healthcare treatment’ and ‘legitimate interest’ as this information will enable me to provide a health service. My professional registration requires me to keep information about my clients and the work that I do. I collect details of your emergency contact and your GP because I have a duty of care to seek support if you or someone else is at risk of harm. 

​

When you enter details into the 'contact me' form on this website, your personal information will only be used for the specific reasons stated below.

​

 

What do I use this data for?

​

  • To provide you with services

  • For billing and processing payments

  • To prevent serious harm 

I will not use your data for marketing purposes.

​

​

What information do I share?

​

Material discussed in sessions is kept strictly confidential with a few exceptions. I may need to break confidentiality if you/you child or others could be at risk of harm or for requirements of the law. This may include sharing information with parents (for those under 18) or with bodies such as social services if appropriate. This step would be only taken after careful consideration and I would aim to discuss this with you before passing the information on, as is best practice, though this is not always possible.

​

Unless agreed, I will not disclose any information about the content of our sessions to the GP or other healthcare professionals unless I have consent to do so or unless there is a concern about risk to yourself/your child or someone else. I may also discuss with you, sharing information with other bodies such as school or other health professionals if this feels appropriate as part of your care. 

I receive supervision from another Clinical Psychologist where I will discuss our work and will keep client identity anonymous.

​

When you enter information to the 'contact me' page of this website (hosted by wix.com), your data may be stored through Wix's.com data storage, databases and the general wix.com applications. The data is stored on secure servers behind a firewall. 

​

How do I store and keep your data safe?

​

Your data will be stored securely through the following means. Information stored on paper will be stored in a locked storage when not required. Electronic information will be stored on a password protected laptop which has antivirus software. Your email address and emails will be stored on my email account which is with an encrypted email service, compliant with GDPR. Your phone number will be saved on a work mobile phone using only initials. This will be used to contact in emergencies or to communicate with you about appointments and cancellations etc. Please do not send sensitive information by SMS. If I send reports electronically, they will be sent with password protection. 

 

​

How long do I keep your data?

​

In line with professional guidance, for children, records will be kept securely until they are 26 years old and for adults, records will be kept for 7 years and then destroyed securely. 

​

​

Website Cookies

 

This website uses Essential Cookies which are needed for the website to run properly and also for it to run safely and securely. These Essential Cookies cannot be disabled. 

​

 

You have the right to the following:

​

  • to obtain a copy of your personal data and receive it within a month without a fee. This is restricted to information about yourself and not third parties or occasions where disclosure could place you or others at risk of harm. 

  • to request for personal data to be corrected if you consider it inaccurate. 

 

Please see the Information Commission Office for further information on your rights (www.ico.org.uk). 

 

For more information, to ask a question or you are unhappy about the way your data is handled, please contact me on drsohinishah@protonmail.com or by phone. You also have the right to make a complaint to the UK’s Information Commission Office (ICO) about how your data is handled.

bottom of page