Privacy Policy

I (Michaela Addis) understand how important your privacy is. I take care to maintain your confidentiality in accordance with current data protection laws (General Data Protection Regulation (GDPR), 2018) and the ethical guidelines of the National Counselling & Psychotherapy Society (NCPS) and the National Hypnotherapy Society (NHS). These guidelines have been set up to protect your confidential material and ensure that your therapist (Michaela Addis) always conducts themselves with professionalism and integrity.

In order to provide you with the best service possible, I will hold your personal contact details and records of your therapy sessions. I am registered with the Information Commissioner’s Office (ICO) and you can find important information below about how your information will be held and used.

Your personal information

I will collect and store your personal data securely in accordance with data protection laws. My website and booking system is powered by GoDaddy and their system will automatically store your name, email address and telephone number when sessions are booked. This applies to all bookings, including relaxation sessions, workshops, initial consultations and therapy sessions. You can find details of GoDaddy’s Privacy Policy on their website. 

Your phone number is stored on my phone under your first name and first initial of your surname. My phone is password protected and only accessible by me. Your details will be deleted from my phone one month after therapy has ended.

I use Square for online payments and their system will automatically store your name, email address and telephone number if you pay for a session via payment link or directly through the website. You can find details of Square’s Privacy Policy on their website. Your contact information is stored electronically and securely using password protection and can only be accessed by me.

You will be subscribed to my monthly newsletter and you can opt out of these emails at any time.

In order to be able to fulfil my duty of care to you, in your initial consultation or first therapy session, I will ask you for contact information for your GP and elected Emergency Contact person. These details will be stored securely and will only be accessible to me. This does not apply to relaxation sessions or workshops.

Please note that I will need to keep your client record for 7 years after the end of your therapy (or 7 years after a child I have been working with turns 18), so that I can respond effectively to any potential requests regarding your clinical notes and treatment.

I will never pass on your contact details to any third party organisations for the purposes of sales, marketing or research and will never use your personal data for any purposes other than the administration of the therapy service I am providing to you i.e. to arrange, cancel and rearrange appointments and collect payment for sessions.

You may receive emails from Awaken Therapy for review purposes or to inform you of offers or additional services you may be interested in. You can opt out of these emails at any time.

I cannot be held responsible for any failures in the security of third party services that are used within my business i.e. GoDaddy or Square.

Your payment details

All payments are made through BACS transfer, via a secure payment link that is sent to you or directly through the website. I use Square for online payments and their system will automatically store your name, email address and telephone number if you pay for a session via payment link or directly through the website. The payment card used for the transaction is also recorded (the type of card and last 4 digits of the card number) and this allows the system to send you an online confirmation and receipt for your transaction. You can find details of Square’s Privacy Policy on their website. Payment details are recorded in my financial income reports, which are stored electronically and securely using password protection and can only be accessed by me. This record holds your account name (for BACS payments), unique client reference number and date of transaction. His Majesty’s Revenue & Customs (HMRC) requires that I retain this information for 5 years after the end of the financial year.

Your therapy sessions

Everything that you discuss with me is confidential, however, there are certain circumstances in which I am required by law to break confidentiality:

• acts of terrorism
• drug trafficking and money laundering
• court orders or subpoenas

In addition to these examples, I am permitted by law to break confidentiality if there is concern about your safety or the safety of someone else. Examples of discretionary disclosures include:

• child protection and safeguarding
• protection of vulnerable adults
• risk of suicide or serious self-harm or harm to others

I will always endeavour to speak to you about this first. Further details can be found in the code of ethics on the NCPS or NHS website.

During remote working (as part of the initial consultation, for example) I will ensure that I am conducting online and telephone sessions in a quiet, private and confidential setting. I have selected video calling platforms that offer end to end encryption to ensure maximum privacy. Please note however that I cannot be held responsible for any breaches that occur due to failures in this technology.

I discuss my clinical work with a supervisor. This is to ensure that I am offering you the best service possible and that I am working in a safe and responsible way. These conversations are bound by confidentiality and you will only be referred to by initials.

I keep notes of each session. These are anonymised and held securely. These notes are for my use only and help to keep a track of everything that is being discussed. They will only be shared with your consent or if I am instructed to do so by a Court of Law. In line with industry guidelines, these notes will be kept securely for 7 years after your therapy comes to an end (or 7 years after a child I have been working with turns 18). After this time, they will be confidentially destroyed.

If your sessions are paid for or arranged via a third party, (e.g. your employer, a friend, or a family member), other than payment requests, invoices or receipts, information related to your therapy will not be shared. Details about your sessions will remain confidential between us, unless there is a need to break confidentiality based on the circumstances outlined above. Any other information can only be shared if you provide your written consent.

Work with children and young people

The clients I work with who are under 18 are entitled to the same levels of confidentiality as my adult clients. Communication with parents/carers will always be based on the child’s wishes, including reviews of progress. This will be discussed and agreed at the start of therapy.

Your communications with me

If you use the contact form on the website, send an email, text or WhatsApp message, only I will have access to it.

All phones, tablets and laptops used to respond to your emails are encrypted, fully protected with anti-virus software and password protected.

There will usually be no contact outside of our therapy sessions.

Data Usage

I may use your email address and telephone number to contact you about your appointments. I may also contact you directly via email in order to share information with you that is pertinent to your therapeutic process.

Your phone number will also be used to issue automatic appointment reminders via GoDaddy. 

You may receive emails from Awaken Therapy for review purposes or to inform you of offers or additional services you may be interested in. You will also be subscribed to the monthly newsletter and can opt out of these emails at any time.

Your rights

Any personal data retained by me is kept in accordance with the GDPR, 2018.

Under these guidelines you have the following rights:

1. The right to request access to your data

You can request to view the information that I hold about you (contact details, appointment logs etc.) at any time. If during therapy you would like to see your session notes, please let me know. Should you require a copy of your notes after your therapy has come to an end you can make this request by emailing ki@awakentherapy.co.uk or calling 07747 361799.

1. The right of rectification

At any point during your time using my service or during the 2 years thereafter, while I retain your records, you have the right to request amendments to your contact details or session notes. This right can be exercised either by speaking directly to me or by contacting me in writing.

1. The right to be forgotten

You can request that I delete and confidentially destroy the information that I hold about you and your sessions at any time. This request can be made by contacting me at ki@awakentherapy.co.uk. 

Instances where I would not be able to comply with your request are as follows:

1. a) It is necessary for me to retain these records in order to continue providing an effective service
2. b) I am compelled to retain these records by a Court of Law
3. c) I require these records in order to establish, exercise or defend legal claims

Consent

When you book your first session with me, you will be asked to sign a contract to confirm that you consent to the storage and processing of your personal data for the purposes of providing therapeutic services. 

For relaxation sessions and workshops, you are confirming your consent by making a booking.

You are entitled to withdraw this consent at any time and can do so by emailing me at ki@awakentherapy.co.uk. 

Breaches of data protection

In the event of any breach of my data protection policies, I will notify you and the ICO, if appropriate, within 72 hours and will seek to rectify this immediately.

Raising concerns

Should you have any concerns about my data protection practices, you can raise these directly with me. You can also notify the Information Commissioner’s Office. 

Policy created: 31st March 2022 (Latest update: 24th February 2025)