Privacy Policy

Last updated: 07 October 2025

Introduction

Your privacy is very important to me. This privacy policy explains how I collect, use, store and protect your personal data from the initial point of contact (e.g. via my website, a referral or a directory) through to after your counselling has ended.

I adhere to current data protection legislation, including the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications (EC Directive) Regulations 2003.

About me

I am a person-centred counsellor working in private practice with clients aged 18 and over. If you have any questions, I am happy to talk them through. You can contact me at: info@eleanoreyrecounselling.com

Data Controller

The data controller responsible for your personal data is:

Eleanor Eyre
Eleanor Eyre Counselling
Registered with the Information Commissioner’s Office (ICO)
ICO Registration Number: ZB599144

How I use your information

Initial contact

When you contact me via the website form or email, I will collect basic personal information to respond to your enquiry. This may include your name, email address, and phone number. If you choose not to proceed with therapy, your information will be securely deleted within 4 months unless you request earlier deletion.

While accessing counselling

All information shared with me during counselling is treated as strictly confidential, except in the following circumstances where I have a legal or ethical obligation to break confidentiality:

  • If there is a risk of serious harm to yourself or others

  • In cases of safeguarding concerns (children or vulnerable adults)

  • If I am required to do so by law (e.g., terrorism or money laundering legislation)

  • In a medical emergency

  • If ordered by a court of law

Wherever possible, I will try to speak with you before breaking confidentiality, unless there are safeguarding issues that prevent this.

I will also keep minimal written records of our work together, such as contact details and anonymised, brief session notes. These are securely stored on a password protected device.

As a registered member of the British Association for Counselling and Psychotherapy (BACP), I attend regular clinical supervision. Any discussions within supervision are anonymised to protect your identity and confidentiality.

Online therapy and communication

I offer online therapy using Zoom, a secure video platform that complies with UK data protection standards. I do not record sessions. You are responsible for ensuring that you are in a private, secure space during sessions.

If you email me or contact me via my website form, your message is sent to my Proton Mail account, which uses end-to-end encryption. However, please note that no method of communication over the internet is 100% secure. Please avoid including sensitive clinical information in emails or forms.

Text messages are deleted within 28 days unless the content is clinically relevant—in which case, it may be securely stored with your records.

How I store your information

All digital records (such as contact details, notes, and correspondence) are accessed only be me. These are stored:

  • On a password-protected device

  • In files with client ID codes (not full names)

  • In locked, secure storage (for any physical documents)

Data retention

In line with BACP guidance and insurance requirements, I retain client records for 7 years after the end of our work together. After this time, your data will be securely destroyed.

If you wish to have your records deleted sooner, please make a written request. I will consider your request in line with legal and ethical obligations.

Clinical will

In the event that I am unexpectedly unable to continue providing therapy (for example due to a serious accident, illness or death), your contact details will be accessed by my clinical supervisor in order to inform and support you.

Website visitors & cookies

When you visit my website, Squarespace (the hosting provider) collects standard internet log data such as IP address and pages visited. This is used to understand general website usage patterns and does not identify you personally.

My website uses cookies to help the site function and improve your experience. You can control cookies through your browser settings. For more information, see Squarespace’s Privacy Policy.

Third parties

I do not share your personal data with any third parties for marketing purposes.

I may use trusted third-party services (such as Zoom or email providers) to support my work. These services are selected based on their compliance with UK GDPR and their commitment to data security. I ensure that they do not use your information for any other purpose.

Your rights

Under the UK GDPR, you have rights regarding your personal data, including:

  • The right to access the information I hold about you

  • The right to request correction of inaccurate data

  • The right to request deletion of your data (under certain circumstances)

  • The right to object to or restrict how your data is processed

  • The right to withdraw your consent (where consent is used as a basis for processing)

  • The right to lodge a complaint with the Information Commissioner’s Office (ICO)

You can learn more about your rights here: ico.org.uk/your-data-matters

Data breach procedure

In the unlikely event of a data breach that may compromise your personal information, I will notify you as soon as possible and report it to the ICO where required.

How to contact me

If you have any questions, concerns, or requests about your data, please contact:

Eleanor Eyre
info@eleanoreyrecounselling.com

Complaints

If you are unhappy with how I handle your data, please contact me in the first instance. If we cannot resolve the issue, you can raise a complaint with the Information Commissioner’s Office:

Website: www.ico.org.uk/make-a-complaint
Tel: 0303 123 1113