top of page

Privacy, Safeguarding & Data Protection Policy

 

Paula Miles Therapy
www.paulamilestherapy.com

1. Introduction

Your privacy, confidentiality, and safety are central to my work.
This policy explains how I collect, use, and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the BACP Ethical Framework for the Counselling Professions.

By accessing this website or engaging in therapy, you acknowledge that you have read and understood this policy.

2. Who I Am

Business Name: Paula Miles Therapy
Practitioner: Paula Medeiros Borges Miles
Professional Title: Psychotherapist  Psychoanalyst, Registered Member (MBACP)
Email: enquiries@paulamilestherapy.com
Address: Corinthian Close, Basingstoke, RG22 4TN
Data Controller: Paula Miles

3. The Data I Collect

I collect and process only the information necessary to provide professional psychotherapy and psychoanalysis services, in line with ethical and legal obligations.

a. Personal Data

  • Full name

  • Contact details (email, phone number, address if relevant for invoices or face-to-face therapy)

  • Emergency contact details

b. Sensitive or “Special Category” Data

  • Information relating to mental health and emotional wellbeing

  • Therapy notes, intake forms, and assessments

  • Any relevant medical or background information you choose to share

c. Technical Data

  • Website browsing data (IP address, browser type, cookies)

  • Analytics (e.g., page visits, time on site)

d. Marketing & Communication Data

  • Newsletter subscriptions

  • Downloads of free resources, eBooks, or quizzes

This information is collected only with your consent or as necessary to deliver services safely and professionally.

4. Purpose for Data Collection

Your personal data is used only for lawful and legitimate purposes:

  • To deliver psychotherapy and psychoanalysis sessions

  • To maintain clinical records required by professional standards

  • To communicate with you regarding sessions, invoices, or resources

  • To ensure ethical, safe, and appropriate therapeutic practice

  • To comply with legal, safeguarding, or regulatory obligations

I will never sell or share your data for marketing purposes.

5. Confidentiality & Safeguarding

Confidentiality is the foundation of psychotherapy. Everything you share is treated with respect and discretion.
However, under the BACP Ethical Framework and UK safeguarding law, there are specific limits to confidentiality.

I may need to share information if:

  • You are at risk of serious harm to yourself or another person

  • A child or vulnerable adult is at risk of abuse or neglect

  • I am required by law (e.g., court order, terrorism, or money laundering legislation)

  • Disclosure is necessary to prevent a serious crime

Whenever possible, I will always discuss any concerns with you before taking action, unless doing so would increase the level of risk.

6. Lawful Basis for Processing

In accordance with Article 6 and Article 9 of the UK GDPR, your personal data is processed under the following lawful bases:

  • Contract: for the delivery of therapy services you have requested.

  • Consent: for newsletters, free resources, or non-essential contact.

  • Legal obligation: for professional and regulatory compliance.

  • Vital interests: in rare cases to protect your life or prevent harm.

  • Legitimate interest: to ensure safe practice and communication.

7. Data Storage & Security

All information is stored and protected in line with GDPR standards:

  • Electronic notes are stored in encrypted, password-protected systems.

  • Devices are secured with multi-factor authentication.

  • Access is restricted solely to the therapist.

  • Backups are encrypted and updated regularly.

Retention: Client records are retained for 7 years after the end of therapy (or longer where legally required). After this period, all data is securely deleted or destroyed.

8. Your Rights Under GDPR

You have the right to:

  • Request a copy of the data I hold about you

  • Correct inaccurate information

  • Request deletion of your data (where legally appropriate)

  • Withdraw consent for non-essential data processing

  • Restrict or object to certain processing activities

  • Lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data is not being handled lawfully:
    www.ico.org.uk

All requests should be made in writing to: enquiries@paulamilestherapy.com

9. Cookies & Website Analytics

This website uses cookies and third-party analytics tools (e.g., Google Analytics, Wix cookies) to understand website usage and improve performance.
You can manage or disable cookies through your browser settings at any time.
For details, please see the Cookie Notice.

10. Third-Party Services

I use secure third-party providers to deliver some services, including:

  • Scheduling: Fresha (appointment booking)

  • Payment Processing: Stripe, PayPal

  • Email Marketing: Wix or Mailchimp (for newsletters)

  • Quizzes / Downloads: Quizell

All third-party providers are required to comply with GDPR and handle your data securely.

11. Safeguarding Statement

As a BACP-registered psychotherapist, I adhere to UK safeguarding laws, including the Children Act 1989, Care Act 2014, and Working Together to Safeguard Children (2018).

I am committed to:

  • Protecting children, young people, and vulnerable adults from harm

  • Taking action where risk or abuse is identified

  • Cooperating with safeguarding authorities when necessary

  • Maintaining accurate records of any safeguarding concerns

All actions are taken in line with BACP’s Ethical Framework for the Counselling Professions (2024) and the Safeguarding Adults Principles: empowerment, prevention, proportionality, protection, partnership, and accountability.

12. Updates to This Policy

This policy may be updated periodically to reflect legal, ethical, or practice changes.
The latest version will always be available on www.paulamilestherapy.com with the most recent revision date.

13. Contact

If you have questions or concerns about how your information is handled, please contact:

Paula Miles Therapy
Email: enquiries@paulamilestherapy.com
Address: Corinthian Close, Basingstoke, RG22 4TN

Last Updated: [06/2025]

bottom of page