Privacy Policy

I (Michaela Addis) understand how important your privacy is. I take care to maintain your

confidentiality in accordance with current data protection laws (General Data Protection

Regulation (GDPR), 2018) and the ethical guidelines of the National Counselling &

Psychotherapy Society (NCPS) and the National Hypnotherapy Society (NHS). These

guidelines have been set up to protect your confidential material and ensure that your

therapist (Michaela Addis) always conducts themselves with professionalism and integrity.

In order to provide you with the best service possible, I will hold your personal contact

details and records of your therapy sessions. I am registered with the Information

Commissioner’s Office (ICO) and you can find important information below about how your

information will be held and used.

Your personal information

I will collect and store your personal data securely in accordance with data protection laws.

My website and booking system is powered by GoDaddy and their system will automatically

store your name, email address and telephone number when sessions are booked. This

applies to all bookings, including relaxation sessions, workshops, initial consultations and

therapy sessions. You can find details of GoDaddy’s Privacy Policy on their website.

Your phone number is stored on my phone under your first name and first initial of your

surname. My phone is password protected and only accessible by me. Your details will be

deleted from my phone one month after therapy has ended.

I use Square for online payments and their system will automatically store your name, email

address and telephone number if you pay for a session via payment link or directly through

the website. You can find details of Square’s Privacy Policy on their website. Your contact

information is stored electronically and securely using password protection and can only be

accessed by me.

You will be subscribed to my monthly newsletter and you can opt out of these emails at any

time.

In order to be able to fulfil my duty of care to you, in your initial consultation or first therapy

session, I will ask you for contact information for your GP and elected Emergency Contact

person. These details will be stored securely and will only be accessible to me. This does not

apply to relaxation sessions or workshops.

Please note that I will need to keep your client record for 7 years after the end of your

therapy (or 7 years after a child I have been working with turns 18), so that I can respond

effectively to any potential requests regarding your clinical notes and treatment.

I will never pass on your contact details to any third party organisations for the purposes of

sales, marketing or research and will never use your personal data for any purposes otherthan the administration of the therapy service I am providing to you i.e. to arrange, cancel

and rearrange appointments and collect payment for sessions.

You may receive emails from Awaken Therapy for review purposes or to inform you of offers

or additional services you may be interested in. You can opt out of these emails at any time.

I cannot be held responsible for any failures in the security of third party services that are

used within my business i.e. GoDaddy or Square.

Your payment details

All payments are made through BACS transfer or directly through the website. I use Square

for online payments and their system will automatically store your name, email address and

telephone number if you pay for a session via payment link or directly through the website.

The payment card used for the transaction is also recorded (the type of card and last 4 digits

of the card number) and this allows the system to send you an online confirmation and

receipt for your transaction. You can find details of Square’s Privacy Policy on their website.

Payment details are recorded in my financial income reports, which are stored electronically

and securely using password protection and can only be accessed by me. This record holds

your account name (for BACS payments), unique client reference number and date of

transaction. His Majesty’s Revenue & Customs (HMRC) requires that I retain this information

for 5 years after the end of the financial year.

Your therapy sessions

Everything that you discuss with me is confidential, however, there are certain

circumstances in which I am required by law to break confidentiality:

• acts of terrorism

• drug trafficking and money laundering

• court orders or subpoenas

In addition to these examples, I am permitted by law to break confidentiality if there is

concern about your safety or the safety of someone else. Examples of discretionary

disclosures include:

• child protection and safeguarding

• protection of vulnerable adults

• risk of suicide or serious self-harm or harm to others

I will always endeavour to speak to you about this first. Further details can be found in the

code of ethics on the NCPS or NHS website.

During remote working (as part of the initial consultation, for example) I will ensure that I

am conducting online and telephone sessions in a quiet, private and confidential setting. I

have selected video calling platforms that offer end to end encryption to ensure maximum

privacy. Please note however that I cannot be held responsible for any breaches that occur

due to failures in this technology.I discuss my clinical work with a supervisor. This is to ensure that I am offering you the best service possible and that I am working in a safe and responsible way. These conversations are bound by confidentiality and you will only be referred to by initials.

I keep notes of each session. These are anonymised and held securely. These notes are for

my use only and help to keep a track of everything that is being discussed. They will only be

shared with your consent or if I am instructed to do so by a Court of Law. In line with

industry guidelines, these notes will be kept securely for 7 years after your therapy comes to

an end (or 7 years after a child I have been working with turns 18). After this time, they will

be confidentially destroyed.

If your sessions are paid for or arranged via a third party, (e.g. your employer, a friend, or a

family member), other than payment requests, invoices or receipts, information related to

your therapy will not be shared. Details about your sessions will remain confidential

between us, unless there is a need to break confidentiality based on the circumstances

outlined above. Any other information can only be shared if you provide your written

consent.

Work with children and young people

The clients I work with who are under 18 are entitled to the same levels of confidentiality as

my adult clients. Communication with parents/carers will always be based on the child’s

wishes, including reviews of progress. This will be discussed and agreed at the start of

therapy.

Your communications with me

If you use the contact form on the website, send an email, text or WhatsApp message, only I

will have access to it.

All phones, tablets and laptops used to respond to your emails are encrypted, fully

protected with anti-virus software and password protected.

There will usually be no contact outside of our therapy sessions.

Data Usage

I may use your email address and telephone number to contact you about your

appointments. I may also contact you directly via email in order to share information with

you that is pertinent to your therapeutic process. Your phone number will also be used to issue automatic appointment reminders via GoDaddy.

You may receive emails from Awaken Therapy for review purposes or to inform you of offers

or additional services you may be interested in. You will also be subscribed to the monthly

newsletter and can opt out of these emails at any time.

Your rights

Any personal data retained by me is kept in accordance with the GDPR, 2018.

Under these guidelines you have the following rights:

1. The right to request access to your data

You can request to view the information that I hold about you (contact details, appointment

logs etc.) at any time. If during therapy you would like to see your session notes, please let

me know. Should you require a copy of your notes after your therapy has come to an end

you can make this request by emailing ki@awakentherapy.co.uk or calling 07747 361799.

2. The right of rectification

At any point during your time using my service or during the 2 years thereafter, while I retain

your records, you have the right to request amendments to your contact details or session

notes. This right can be exercised either by speaking directly to me or by contacting me in

writing.

3. The right to be forgotten

You can request that I delete and confidentially destroy the information that I hold about

you and your sessions at any time. This request can be made by contacting me at

ki@awakentherapy.co.uk.

Instances where I would not be able to comply with your request are as follows:

a) It is necessary for me to retain these records in order to continue providing an

effective service

b) I am compelled to retain these records by a Court of Law

c) I require these records in order to establish, exercise or defend legal claims

Consent

When you book your first session with me, you will be asked to sign a contract to confirm

that you consent to the storage and processing of your personal data for the purposes of

providing therapeutic services.

For relaxation sessions and workshops, you are confirming your consent by making a

booking.

You are entitled to withdraw this consent at any time and can do so by emailing me

at ki@awakentherapy.co.uk.

Breaches of data protection

In the event of any breach of my data protection policies, I will notify you and the ICO, if

appropriate, within 72 hours and will seek to rectify this immediately.

Raising concerns

Should you have any concerns about my data protection practices, you can raise these

directly with me. You can also notify the Information Commissioner’s Office.

Policy created: 31st March 2022 (Latest update: 24th February 2025)