GDPR Policy

Alexa Vaughan at Yellow Ladder Hypnotherapy

Why do you need my data?

I will only collect data relevant to the therapy I am carrying out. Data is required in order to create therapy sessions that are appropriate to the client needs. Contact information allows me to reach you in case of a change in circumstances or for us to pass to emergency services if there is deemed to be a safety risk to the client or others.

How will my data be stored?

In accordance with GDPR I ensure that your personal, confidential and sometimes sensitive data, is held privately and securely. Data collected includes but is not limited to name, address, GP details, email, phone number and circumstances leading to the need for therapy. This will be stored either on a password protected and encrypted drive or cloud-based server or in a locked fireproof box.

How long will you hold my information for?

Written records will be stored securely for 8 years after the last interaction with an adult client and up to the age of 25 for a child under 16 when last seen or 26yrs for 17–18-year-olds.

What if I would like my data to be destroyed before this date?

Under GDPR rules, you are able to request the deletion of any of your records at any time.

Am I able to see or get a copy of the information held by you?

In line with GDPR, yes, within 30 days

Are our discussions within the hypnotherapy sessions confidential?

Yes, unless I decide to discuss them with a supervisor, or I believe that you are about to harm yourself or another. If you are a minor we will discuss the conversations I have with your guardian/parent.

What if I see you outside of a hypnotherapy session?

I will not approach you but if you wish to approach me, I am always happy to say hello.

Will you discuss information about me with other health and social care professionals?

Only with your written consent.

Who is the Data Controller?

Alexa Vaughan is the data controller