GDPR Policy

Terms: “Ciara”; “Ciara McKay” and “Fidra Hypnotherapy” are used interchangeably in this document.

1. How will my data be stored?

In May 2018 the Data Protection Act was replaced by the General Data Protection Regulations (GDPR). The changes to the Data Protection Act are aimed at ensuring that your personal, confidential and sometimes sensitive data, is held privately and securely.

2. How long will you hold my information for?

In line with the guidelines recommended by the National Council for Hypnotherapy (of which I am a student member), I will keep written records stored securely for:

·8 years after the last interaction with an adult client

·Until the client is 26 years old for a client who is 17/18 years old when last seen.

·Until the client is 25 years old for a child who is under 16 when last seen.

3. What if I would like my data to be destroyed before this date?

Due to the sensitive nature of what we do, my insurance company does not allow the deletion of data before the minimum time for holding said data.

4. Am I able to see or get a copy of the information held by you?

In line with GDPR, yes, this is possible within 30 days.

5. What are your reasons for collecting this information?

I collect this information in order to offer clients the highest possible quality of hypnotherapy services. During sessions, I may collect the following information:

·  What you would like to achieve by attending hypnotherapy.

A small amount of medical information.

Some brief session notes

Your contact details

Your GP contact details

·       Some basic information about the people who are important to you

This information allows Ciara to provide continuity during sessions, as she helps you towards your aims. This information will allow Ciara to refer to the content of earlier sessions and previous discussions. Ciara will only use your details/address and GP’s details with your explicit consent (there is one exception to this, which is explained below).

6. How do I know that you will store my information securely?

Initial consultation notes, ongoing session notes, and any other sensitive data will be taken on paper or will be stored as a PDF.

PDFs will be stored in a secure electronic folder which is protected by a PIN. Paper notes will either be:

Securely digitized and stored electronically, as above, then destroyed or locked in a filing cabinet stored behind a locked door.

Text messages: Ciara’s phone is PIN protected.

Emails: Fidra Hypnotherapy’s email account is protected by a “Strong” password.

7. Are our discussions within the hypnotherapy sessions confidential?

Yes, unless I need support from my supervisor or I believe that you are about to harm yourself or another.

8. What if I see you outside of a hypnotherapy session?

Fidra Hypnotherapy is obliged to protect your confidentiality at all times. So, for this reason, although Ciara may acknowledge you, it would be best if any further conversation could be avoided. However, if you wish to discuss your therapy with other people, that is your choice, and you are very welcome to do so.

9. Will you discuss information about me with other health and social care professionals?

Only with your written consent.

10. Who is the Data Controller and what is their ICO registration number?

Ciara McKay is the data controller, and her ICO registration number is ZC087708