Xplorio Therapy | CBT | ACT | EMDR | London

Privacy Statement

This website is operated by Xplorio Limited. We take your privacy very seriously, therefore, we urge you to read this policy carefully because it contains important information. On May 25th, 2018 new legislation, the General Data Protection Regulation (GDPR), came into effect. This law ensures that you are clearly informed about personal information held about you, that you have access to it, and that it is kept confidential. We will only use information provided to us for specified and lawful purposes as provided under the General Data Protection Regulation and will handle this information both respectfully and responsibly.  

In adherence with this new legislation, please carefully read through the Privacy Statement for Xplorio Limited on this page before contact us.

The personal information we collect and use:

A.   Personal information that you provide to us via our ‘contact us’ form.

B.   Cookies and similar technologies.

WHO ARE WE

Xplorio Limited provides psychological therapy and training directly to individuals and organisations. As a cognitive behavioural psychotherapist, I (Laura Kennedy) adhere to the code of ethics of the British Association of Behavioural and Cognitive Psychotherapies (BABCP). Information on the BABCP code of ethics can be found on their website (https://www.babcp.com)  

WHAT DATA I WILL COLLECT AND WHY?

You are likely to first make contact with me to inquire about one of my services through some form of electronic communication; email, website contact page, telephone voice message or text message. All emails to Xplorio Limited will be stored on Google Mail Cloud which is GDPR compliant and is securely password protected. Emails will be accessible from my iMac and android phone, which are fully password protected.

If your initial contact does not lead to engagement with one of my services, then your emails/messages and any information will be deleted. If you become a client, then the information will be stored as outlined in this statement. I will store your contact details in my telephone using your initials preceded by PC (private contact). My mobile phone is securely password protected to keep any messages you send confidential.

Cookies and Similar technology:

A cookie is a small text file which is placed on your computer or electronic device when you access a website. Cookies can be used to track users; actions and activities and to store information about them. We use cookies and/ or similar technologies to gather the following information:

- General location of your internet server (country and location within that country)

- IP address

- Referral source (the website in which you were directed)

- The pages you visited on our site

- The specific times that you visited each page 

YOUR REGISTRATION INFORMATION WILL INCLUDE

Should you decide to engage in therapy with me, you will be asked to complete a registration form. Stored registration information will include your name, address, date of birth, contact details and details of your next of kin. Your next of kin will only be contacted in case of an emergency.  Information will also be stored for anyone medically responsible for you such as your General Practitioner (GP) or if applicable, a referring psychiatrist or medical consultant. Clinical questionnaires will be used to gain a brief understanding of your mood, anxiety and risk. This information will also be stored for the purpose of reflecting on change and progress throughout your treatment.

Your email and/or telephone number will be used for the purpose of communicating any changes in agreed appointment time or sending you information such as worksheets, questionnaires, invoices and other agreed information.  You will also receive a weekly email or text message reminder of your appointment. Please opt-in to your preferred method of communication when completing the ‘consent to be contacted’ section of the registration form.

ONGOING DATA COLLECTION

All of the information I have held about you, such as your contact details, assessment information and subsequent notes from our meetings, will be stored on a patient management software system, WriteUpp. This software system is GDPR compliant and password protected. Your information is securely stored on their cloud and will not be downloaded to any of my computers or devices.

I may take paper process notes during your session or go through worksheets or questionnaires with you. Your name will not be added to these documents. You will be encouraged to take these forms with you for your own records. Should I need to keep any documents, they will be scanned and uploaded to WriteUpp, where I will also record brief notes about your session. Any paper notes from the session will be destroyed. This procedure allows me to limit the transport of any documents that could get lost.

In order to process payments and to keep track of my accounts, all invoices and related account information will be processed through WriteUpp. My accountant who is GDPR compliant may have access to your name, address and payment details but they will not have access to your personal information or any information about your treatment.

You have a right to access any of the data I keep on you and requests will be responded to within 30 days without charge. Any documents that may be posted to me by you, or on your behalf, will also be stored digitally and then destroyed.

CONFIDENTIALITY AND PSYCHOTHERAPISTS

Cognitive Behavioural Psychotherapists are regulated in the UK by the British Association of Behavioural and Cognitive Psychotherapies (BABCP). It is recommended that we keep information about our clients, such as contact details and session notes for seven years.

GDPR legislation ensures that you have the right to have your information deleted. Your data will be kept for seven years in guidance with the BABCP and then all of your contact details, session notes and electronic correspondence will be permanently deleted. Should you wish for this to be destroyed or amended before this expiry period, please contact me as you now have a legal ‘right to be forgotten’. 

CONFIDENTIALITY – WHEN THIS IS BREACHED

Psychotherapists have a clinical responsibility to uphold strict guidelines for the safety of adults, children and the community. Although it is my aim to fully uphold confidentiality at all times, there are legal exceptions where I may need to breach confidentiality without your permission. These include:

1.    Your Safety

-   If you have become incapacitated and are unable to communicate consent for yourself in   a situation of extreme emotional distress or in physical danger and I need to get you help.

-   If you have given me reason to believe you are going to end your life or seriously injure yourself.

-   If you are at risk from someone, such as a partner, family member, organisation, group, etc.

2.    Public Interest

-   If you disclose information about child abuse that may relate to the safety of children.

-   If you disclose information that may result in serious injury or harm to others, or compromise public safety.

3.    Supervision

-   All accredited therapists are required to attend ongoing peer supervision with the goal to engage in safe and reflective practice. I may discuss my clients with my supervisor for reflection and advice, however, no names or identifying details will be shared. For example, I may say I am working with a young father who is experiencing stress balancing a corporate career and being available for his family, rather than John Smith who works for ‘named’ bank...

Contacting us:

If you have any questions about this policy or the information we hold about you please contact us by emailing info@myxplorio.com, or by calling 07745299430.