Privacy Policy


Contact Information for 


The MindWell Clinic

Suite 49, 2nd floor Beechfield House,

Winterton Way, Macclesfield

Cheshire, SK11 0LP


Email: ronan@themindwellclinic.co.uk


I, Ronan Carolan am the Data Controller and Processor of The MindWell Clinic.


The MindWell Clinic is a Hypno- therapy business which provides hypno-therapeutic services to clients in the United Kingdom. The aim of this Privacy Notice is to explain how I collect, process and use your personal data and in doing so how we comply with data protection law and our obligations to you.

The MindWell Clinic is committed to protecting the privacy of our clients, of our prospective clients and users of our website. 


Client information is collected and retained by Mind Well Therapy if it is deemed necessary or of a ‘Legitimate Interest’ to fulfilling of the services provided to clients i.e. therapy. This information would be that which a client would reasonably expect me to hold and use, namely

·      Client’s or prospective client’s name 

·      Client’s or prospective client’s telephone number

·      Client’s or prospective client’s email address (if provided)

·      Confirmation that the client or prospective client is over 18 years of age

·      Information provided to us by a client or prospective client relating to reasons why they wish to consider therapy

·      Information shared with the client and therapist in therapy sessions

·      Information relating to interventions used by the therapist with the client in therapy sessions

·      Information relating to correspondence between therapist and client via emails, texts, Whatsapp, voice-notes, voice messages or zoom.

·      Information sent from any third party for example, General Medical Practitioner, Allied Health Practitioner, Occupational Health Provider, Insurance Provider, Employee Well-being Program (EAP)


Some of the information that clients will share with me will fall under the category of ‘special data’ by the General Data Protection Regulation.  In such cases, I am expected to process such information when it is deemed “ necessary for medical diagnosis, the provision of health care or treatment pursuant to contract with a health professional” (General Data Protection Regulation, 2016).

Information relating to allegations or proceedings, offences or convictions of a criminal nature will require specific consent from the client, in order for such information to be held.


All clients will receive a Requirements of Disclosure document as part of the Client Therapist Agreement in their initial meeting and I will require the client to sign and date this document, to acknowledge their understanding of when client information must be shared by The MindWell Clinic with third parties. Apart from the requirements stipulated in the Requirements of Disclosure documents, The MindWell Clinic will not share your information with anyone, with the possible exception of the client’s GP.


My accountant will see all payment information, namely debit or credit card information and PayPal records, which will contain client information. If a client wishes to redact data relating to their history with The MindWell Clinic, I request you do so by email to ronan@themindwellclinic.co.uk

Details of where data is held:

·       Any emails sent between us are held either on my computer’s hard drive or exchange server or if archived, in One Drive which is secure cloud-based storage which is itself GDPR compliant. Any that may be held on my mobile phone are fingerprint/code protected.

·       Any texts/Whatsapp messages/Messenger messages sent between us are held on my mobile phone which is fingerprint/code protected.

·       Your notes are handwritten and are kept in a locked filing cabinet. A numerical coding system enables the therapist to identify which notes relate to a particular client. Therefore a stranger or anyone other than the therapist seeing the notes would not be able to identify who they refer to. The coding system used to identify notes with clients is securely stored with password protection, on the therapist’s hard drive and archived on One Drive. Details on how to access this coding system are in therapist Professional Will and only accessible should the therapist become incapacitated or deceased.

·       Credit card information is shredded as soon as processed.

·       If you use PayPal or online banking then clearly these systems will hold your data. We will download from these systems for accounting purposes and the resulting spreadsheets are held in One Drive. When sent to our accountants, they will be password protected.

·       Your data is kept for 7 years. The length of time is based on the stipulation of our insurers. After this time any paper records are shredded and computer records permanently deleted.


Your Rights

• The right to be informed about the personal data the Company processes on you;

• The right of access to the personal data the Company processes on you;

• The right to rectification of your personal data;

• The right to erasure of your personal data in certain circumstances;

• The right to restrict processing of your personal data;

• The right to data portability in certain circumstances;

• The right to object to the processing of your personal data that was based on a public or legitimate interest;

• The right not to be subjected to automated decision making and profiling; and

• The right to withdraw consent at any time

Where you have consented to The MindWell Clinic processing your personal data and sensitive personal data you have the right to withdraw that consent at any time by contacting the Data Protection Officer, Ronan Carolan, ronan@themindwellclinic.co.uk
If you wish to complain about this privacy notice or any of the procedures set out in it, please contact ronan@themindwellclinic.co.uk


The MindWell Clinic takes the security of data seriously however we are not in control of data which is sent to us by other parties. Online applications can routinely access information held and this is beyond our control. If there is any breach of data, we will inform the ICO and any parties affected within 72 hours of the breach and endeavour to do whatever is necessary to minimise any potential impact to all parties concerned.


Cookies

As with many businesses, this website uses cookies. A cookie is a small amount of data or information sent to the browser of your device from a website’s computer and is stored on the hard drive of your device. Cookies record data relating to your online preferences. I do not use cookies to collect personally identifiable data or information about you. Cookies do enable me to understand how visitors to my website interact and engage with the information on the website and allows me to continually improve and enhance the visitor experience.


You are able to protect your privacy, by restricting or blocking cookies, through your browser settings. For more information about cookies and how to manage them is available at www.aboutcookies.org

 






Share by: