top of page

This Privacy Policy explains how therapy with Josh collects, uses, and protects your personal data in compliance with the General Data Protection Regulation (GDPR) and other relevant data protection laws.

 

1. About Me

 

I am a BABCP-accredited Cognitive Behavioural Therapy (CBT) practice. Our goal is to provide effective, evidence-based therapy while ensuring your personal information is handled securely and respectfully.

 

Contact Information:

Joshua Munn

Email: Joshuamunntherapy@outlook.com

 

2. Information I Collect

I collect the following personal information from clients:

 

Personal Details: Name, address, date of birth, contact details (email and phone).

 

Health Information: Medical history, GP details, mental health history, therapy notes, and any information relevant to your care.

 

Payment Information: Bank details or transaction data for processing payments.

 

Website Data: IP addresses and cookies, if you use my website.

 

3. How I use your Information

I collect and process your personal data to:

 

Provide CBT services tailored to your needs.

 

Communicate with you regarding appointments, therapy sessions, or relevant updates.

 

Maintain accurate therapy records.

 

Comply with legal or professional obligations, such as safeguarding requirements or data retention laws.

 

4. Legal Basis for Processing

I  process your personal data under the following legal bases:

 

Consent: You have given clear consent for us to process your data for therapy purposes.

 

Contract: Processing is necessary for delivering therapy services.

 

Legal Obligation: To comply with regulatory or legal requirements (e.g., safeguarding).

 

Legitimate Interests: To maintain accurate records and ensure effective service delivery.

 

5. Sharing Your Data

 

I only share your personal data when:

 

You provide explicit consent.

 

It is required by law or professional regulations (e.g., safeguarding concerns).

 

I  need to communicate with your GP or other healthcare professionals for your care (with your consent, unless in emergencies).

 

It is necessary for processing payments through secure providers.

 

6. Data Storage and Security

 

Storage: Personal data is securely stored electronically and/or in locked physical files.

 

Retention: Therapy notes and related data are retained for 7 years, in line with BABCP and legal guidelines.

 

Security Measures: I use encryption, password protection, and other safeguards to prevent unauthorized access to your data.

 

7. Your Rights

Under GDPR, you have the following rights:

Access: Request a copy of your personal data.

Rectification: Correct inaccurate or incomplete data.

Erasure: Request deletion of your data, subject to legal obligations.

Restriction: Limit how your data is processed.

Portability: Request transfer of your data to another provider.

Objection: Object to data processing under certain circumstances.

To exercise your rights, contact us at [your email].

 

8. Complaints

If you have concerns about how I handle your data, you can:

Contact us directly at [your contact information].

Lodge a complaint with the Information Commissioner’s Office (ICO):

Website: https://ico.org.uk

Phone: 0303 123 1113

bottom of page