top of page

Confidentiality, Data Protection, and Record Keeping Policy

 

Be Psychology Ltd provides psychological services including assessments, reports, consultancy, supervision, and psychotherapy. This policy outlines how we collect, store, use, and share personal data in accordance with the UK General Data Protection Regulation (UK GDPR).

1. Why Do We Collect Information About You?

We collect personal data, including special category data, to deliver psychological services safely and effectively. The lawful bases under the UK GDPR for processing personal data include:
- Legitimate interests
- Legal obligation
- Consent (particularly for special category data under Article 9(2)(a))

2. What Information Do We Collect About You?

We may collect:
- Personal identifiers (name, date of birth, address, contact details)
- Demographics (gender, occupation, family info)
- Health and psychological information
- Appointment and attendance records
- Information for legal/court reports
- Employment or associate-related data

3. How Do We Store the Information About You?

We store all personal information securely using encrypted systems in compliance with the UK GDPR. Access is restricted to authorised personnel. Clinicians must complete client records within 24 hours of appointments.

4. How Long Do We Keep Your Information?

- Clients accessing psychological assessments or treatment: 7 years after end of treatment or 7 years after 18th birthday for minors
- Legal/court reports: retained until case concludes, subject to solicitor instruction
- Job applicants: 12 months; employees: as per retention schedule post-employment

5. Who Do We Share Your Personal Information With?

Your data is shared only when necessary and in accordance with confidentiality policies. We may share with:
- Insurers, GPs, emergency services (with consent or under legal obligation)
- Courts and solicitors (legal reports)
- Supervisors (under professional obligations)

6. Accessing and Correcting Your Information

You have the right to access, correct, transfer, or request deletion of your data. Requests must be submitted in writing. Requests involving legal reports should be directed to your solicitor.

7. Your Rights

You have rights including:
- Access to your data
- Correction of inaccuracies
- Objection to processing
- Data portability
- Erasure of data (right to be forgotten)

8. Complaints or Queries

For concerns or complaints, contact the Data Protection Officer. If unsatisfied, you may contact the Information Commissioner’s Office (ICO).

9. Other Websites

This policy applies to the Be Psychology website only. We encourage users to review privacy policies of other sites linked from ours.

10. Data Breaches

In the event of a data breach, BE Psychology will follow ICO procedures and notify affected individuals and the ICO when required.

11. Supervision and Confidentiality

Supervision records are kept confidential unless disclosure is required by law. Clinicians retain clinical responsibility for their clients.

12. Data Controller and Processor Roles

Be Psychology Ltd is the data controller. Associate Clinicians are data processors and must comply with this policy.

13. Contact Information and Policy Updates

Dr Brittni Jones is the Data Protection Officer. Contact via drbrittnijones@bepsychology.co.uk.

This policy is reviewed annually. Last updated on: 23 May 2025.

©2025 by BE Psychology Ltd     Registered in England - Number 13944168      Registered Address: 188 High Road, Loughton, Essex, IG10 1DN

bottom of page