PRIVACY POLICY

The Psych Practice aims to be as clear as possible about how and why information about you is used so that you can be confident that your privacy is protected. This policy describes the information that The Psych Practice collects when you use the service. This information includes personal information as defined in the General Data Protection Regulation (GDPR) 2016 [and the subsequent UK Data Protection Bill that will be enacted from May 25th 2018.

The policy describes how The Psych Practice manages your information when you use our services, if you contact us or when we contact you. The Psych Practice uses the information collected in accordance with all laws concerning the protection of personal data, including the Data Protection Act 1998 and the GDPR 2016. As per these laws, The Psych Practice is the data controller; if another party has access to your data, we will tell you if they are acting as a data controller or a data processor, who they are, what they are doing with your data and why The Psych Practice needs to provide them with the information.

Please contact us if you have any queries on:

Telephone: 020 8058 4060

Email: Admin@thepsychpracticetpp.com

If you are not satisfied with the answers from the Data Protection Officer, you can contact the Information Commissioner’s Office (ICO) https://ico.org.uk.

1. Why do we need to collect your personal data?

The Psych Practice needs to collect information about you so that we can know who you are and communicate with you in a personal way. The legal basis for this is a legitimate interest.

  • Deliver services to you. The legal basis for this is the contract (verbal or written) with you.
  • Process your payment for services. The legal basis for this is the contract with you (verbal or written).
  • Verify your identity do that we can be sure we are dealing with right person. The legal basis for this is a legitimate interest.
  • Contact you in case there is a problem. The legal basis for this is a legitimate interest.
  • Provide you with useful information about services provided. The legal basis for this is legitimate interest. 
2. What personal information do we collect and when do we collect it?

For The Psych Practice to provide you with services, we need to collect the following information:

  • Your name
  • Your contact details including a postal address, telephone number(s) and electronic contact such as email address.
  • Your payment card/bank/insurance details
  • Diagnostic instrument data

The Psych Practice collects this information directly from you.
We may also collect information about you from third parties; such as another health professional (such as your Doctor) to provide a complete health assessment

3. How do we use the information that we collect?

The Psych Practice will use the data collected from you in the following ways:

  • To communicate with you so that we can inform you about your appointments with us. This will involve the use your name, your contact details such as your telephone number, email address or postal address.
  • To deliver the correct service to you we will use your name, your contact details and the details about you.
  • To create your invoice we will use your name and email address, bank or insurance details.
  • To process your payment, we will use your name and your payment card /bank or insurance details.
4. Where do we keep the information?

The Psych Practice will keep your information in the stores described below.

4.1. On our company computers
The Psych Practice uses personal computers which are password protected and encrypted hard drives. Passwords are not shared.

All data is saved on Dropbox in keeping with GDPR guidelines.

4.2. As a paper copy
We take handwritten/electronic notes when we meet you. These notes are used to create the report that we provide to you, and relevant third parties e. g your Insurance company, G.P with your consent

5. How long do we keep the information?

We keep the electronic invoice for seven years as this is the required length to comply with the HMRC requirements. After seven years we delete the invoices using the Sage delete function.

The Psych Practice will keep your reports for 10 years as this is the requirement for clinical data.

6. Who do we send the information to?

The Psych Practice will send your report to you and anyone we are required by law to inform. All reports that are sent electronically are sent as attachments that are encrypted and password protected.

The Psych Practice will send the paper copy of our invoices to you, our accountant or Insurance Company. The accountant is based in the UK and all their computer systems are in the UK

7. How can I see all the information you have about me?

You can make a subject access request (SAR) by contacting the Data Protection Officer. The Psych Practice may require additional verification that you are who you say you are to process this request.

We may withhold such personal information to the extent permitted by law. In practice, this means that we may not provide information if we consider that providing the information will violate your vital interests.

8. What if my information is incorrect or I wish to be removed from your system?

Please contact the Data Protection Officer. The Psych Practice may require additional verification that you are who you say you are to process this request.

If you wish to have your information corrected, you must provide us with the correct data and after we have corrected the data in our systems, we will send you a copy of the updated information in the same format at the subject access request in section 7.

9. How can I have my information removed?

If you want to have your data removed The Psych Practice have to determine if we need to keep the data, for example in case HMRC wish to inspect our records. If we decide that we should delete the data, we will do so without undue delay.

10. Will we send emails and text messages to you?
As part of providing our service to you The Psych Practice will send your report to you via email (if required). The report will be encrypted, and password protected. Also, as part of this service, we will need to send details of your appointments to you. To protect your information, we prefer to use an end-to end encrypted messaging service. If you are not able to use such a service, we may use SMS (text messages); however, this does increase the risk of someone intercepting the message.
11. How do I opt out of receiving emails and/or text messages from us?

If you are receiving text /email messages from The Psych Practice, you may unsubscribe at any time by letting us know.