Data Protection Policy

  1. Introduction
    Fiona Chadwick Counselling & Psychotherapy is committed to protecting the personal data of clients in compliance with the General Data Protection Regulation (GDPR) and relevant Irish data protection laws. This policy outlines how client data is collected, stored, and processed securely and lawfully.
  2. Purpose
    This policy ensures that all personal and sensitive data is handled responsibly, maintaining client confidentiality, privacy, and security.
  3. Data Collection
    Personal data collected may include:
  • Contact details (name, phone number, email, address)
  • Emergency contact information
  • GP details (if provided)
  • Session notes (kept in a professional and minimal format)
  • Any other relevant information provided by the client for therapeutic purposes
  1. Lawful Basis for Processing Data
    Client data is processed under the following lawful bases:
  • Consent: Clients provide explicit consent for the collection and storage of their data.
  • Contractual Obligation: Processing data is necessary to provide therapy services.
  • Legal Obligation: Data may be shared when required by law (e.g., safeguarding concerns).
  • Vital Interests: If there is an immediate risk to the client or others, relevant information may be disclosed to emergency services, next of kin, or a GP.
  1. Data Storage and Security
  • Client records are stored securely in line with professional and legal standards.
  • Digital records, if used, are encrypted and password-protected.
  • Paper records are kept in a locked, secure location.
  • Data will not be shared with third parties without explicit client consent, except where legally required.
  1. Retention and Disposal of Data
  • Client records are retained for a period of seven years after the last session, in line with professional guidelines.
  • After this period, all records are securely destroyed.
  1. Client Rights
    Clients have the following rights under GDPR:
  • Right to Access: Clients may request copies of their personal data.
  • Right to Rectification: Clients can request corrections to inaccurate or incomplete data.
  • Right to Erasure: In certain circumstances, clients can request data deletion.
  • Right to Restrict Processing: Clients can request limitations on how their data is used.
  • Right to Data Portability: Clients can request their data in a commonly used format.
  • Right to Object: Clients can object to data processing in certain situations.
  • Right to Lodge a Complaint: Clients can raise concerns with the Data Protection Commission (DPC) if they believe their data is not being handled correctly.
  1. Confidentiality and Data Sharing
  • Client data will not be disclosed to third parties without prior consent, except in cases of legal or ethical obligations.
  • Any breaches of data security will be reported in line with GDPR regulations.
  1. Policy Review
    This policy will be reviewed regularly to ensure ongoing compliance with data protection laws and best practices.

Contact Details
Fiona Chadwick Counselling & Psychotherapy
Email: