top of page

This statement outlines Jayne Paulson's procedures for collecting, storing and processing personal data.
Personal data means data which relates to a living individual who can be identified from the data or from other information from that data, in order to comply with the Data Protection Act (DPA) 2018.
This statement covers all the principles under the DPA. These are known as 'data protection principles' and ensure information is:
- Used fairly and lawfully
- Used for limited, specifically stated purposes
- Used in a way that is adequate, relevant and not excessive
- Kept for no longer than necessary
- Kept safe and secure
- Not transferred outside the European Economic Area (EEA) without adequate protection.
Contact details for the person responsible for taking the lead on compliance
- Jayne Paulson is responsible for personal data, information on procedures dealing with both internal and external access requests and how the information collection is used.

What is meant by informational privacy
The ability of a person to control, edit, manage and delete information about themselves and to decide how and to what extent such information is communicated to others.  Intrusion can come in the form of collection of excessive personal information, disclosure of such personal information without consent and misuse of such information. It can include the collection of information through the surveillance or monitoring of how people act in public or private spaces and through the monitoring of communicati
ons whether by post, phone or online and extends to monitoring the records of sender and recipients as well as the content of messages.
Why I need the information I hold about an individual
- I need to request and store your details in order to administer and deliver the services you have requested and to comply with any legal or professional body responsibilities that ensue in the deliveri
ng of those services.
What am I going to use it for?
- To make contact with you, to record the relevant personal contact details you give consent for me to hold and to record session notes.  To send invoices where appropriate.
Where this information is stored
- I hold your hand written notes, which are coded to ensure anonymity, in a lockable file.  Your contact details are held in a separate lockable file and at no point come together.
- Your first name and anonymised code only are held on my mobile phone and will be deleted at the end of therapy.
- Your first name and anonymised code only are written in my diary.
When and how I delete the information I hold about you
- On request, or 7 years after our last contact, I destroy all paper records by shredding.  For clients under the age of 18, notes are kept until your 25th birthday or 7 years after last contact, whichever is later.
When I pass on personal information
- If during my contact time with you I become aware that there is a safeguarding risk to either you or another person, I will contact whoever we agreed upon at our first session and/or college/professional body/emergency services where appropriate
- My supervisor will be handed all my counselling-related paperwork, should I become indisposed, and will destroy all notes accordingly.
- When you request me to do so.
- When I need to comply with a legal request to do so (a court order for example).
- I do not use CCTV or recording equipment on my premises.
- You can request a copy of your records at any time, and have the right to have these deleted, please see the guidance on

Complaints procedure:
- I endeavour to make it possible, in the first instance, to approach me directly regarding any complaints.
- If this does not prove satisfactory, or is not appropriate, please refer to COSCA's complaint procedures at 


Get in touch

bottom of page