top of page
yellow shape.png
bacp logo.png
cwl secondary logo for website.png

GDPR Privacy Policy & Statement for Lee Brown Counselling Services


May 2025

1. Introduction
This Privacy Policy outlines how Lee Brown, a sole trader based in the UK, complies with the General
Data Protection Regulation (GDPR) concerning the personal data of private clients. General Data
Protection Regulation (GDPR) forms part of the Data Protection Act (2018) and provides you with
greater transparency over your personal data, such as data used to identify you. Lee Brown abides
by the terms of GDPR (2018) and have outlined how your personal data is used and stored. This
policy explains the types of personal data collected, how it is used, stored, and protected, as well as
your rights regarding your personal data.


2. Data Controller
Lee Brown is the Data Controller responsible for your personal data. As a sole trader, Lee Brown is
registered and compliant with the UK’s Information Commissioner's Office (ICO).


3. Types of Personal Data Collected
The following personal data may be collected and processed:
- Contact Information: Name, address, telephone number, email address.
a) Name: Used to address you, to ensure confidentiality client notes are assigned a
code.
b) Email: Used to confirm appointments and for general communication
c) Phone number: Used to confirm appointments and for general communication,
phone numbers saved on work phones are saved under your assigned code.
d) Address: Used to contact you in writing
- Emergency Contact Number: This may be used in the event that a planned session has been
missed and the Counsellor has been unable to contact you by other means. This number
may be called within 7 days of the missed session at the discretion of the Counsellor.
- Demographic Information: Age, gender, marital status, employment status.
- Health Information: Mental health history, current health conditions, medications, and
treatment plans.
a) GPs address: Used to contact your GP if required
- Assessment information: This information is taken during the initial session / assessment.
The information is used to assess any risk, take note of any client goals and to help the
Counsellor assess what support you are looking for
- Session Notes: Brief notes taken during or after sessions, including key points of discussion,
therapeutic progress, and goals.

- Financial Information: Bank account details or payment information for session fees.


4. Purpose of Data Collection
Your personal data is collected and used for the following purposes:
- To provide counselling services, including scheduling appointments and assessing
therapeutic progress.
- To communicate with you regarding appointments, session changes, and other relevant
information.
- To comply with legal obligations, such as record-keeping for tax purposes or compliance with
court orders.
- To process payments for services rendered.


5. Legal Basis for Processing Personal Data
Your personal data is processed based on one or more of the following legal grounds:
- Consent: By engaging in counselling services, you consent to the processing of your personal
data for the purposes outlined in this policy.
- Contract: Processing is necessary for the performance of a contract with you (i.e., providing
counselling services).

- Legal Obligation: Processing is necessary to comply with legal obligations (e.g., financial
record-keeping).
- Legitimate Interests: Processing is necessary for legitimate interests pursued by
[Counsellor's Name], such as ensuring the safety and well-being of clients.


6. Data Storage and Security
Your personal data is stored securely in accordance with GDPR requirements:
- Physical Data: Any paper records are stored in a locked, secure location.
- Electronic Data: Digital records are stored on password-protected devices, with encryption
where appropriate. All client notes are stored on a password and virus protected computer
system. All notes will be assigned a code so your name will never be attached to any client
notes, this is to provide anonymity.
- Data Retention: Personal data is retained for as long as necessary to fulfil the purposes
outlined in this policy, or as required by law. Typically, counselling records are kept for a
minimum of 7 years after the last session, in line with professional guidance.


7. Data Sharing
Your personal data will not be shared with third parties except in the following circumstances:
- Legal Requirements: If required by law, personal data may be disclosed to relevant
authorities.
- Client Consent: With your explicit consent, your data may be shared with other
professionals (e.g., GPs, other therapists) involved in your care.

- Emergency Situations: In cases where there is a risk of harm to yourself or others, your data
may be shared with appropriate services (e.g., emergency services).


Your information will not be shared with any third party, and you have the right to remove personal
contact information at any time. Should you want Lee Brown to delete all contact information please
get in touch via: leebrowncounselling@gmail.com


Lee Brown will keep your signed client/counsellor agreement, anonymised notes and first session
assessment form for 7 years after our final session (your contact details will be removed from these
forms automatically after 5 years or sooner at your request). After 7 years, all information will be
removed and disposed of securely.


8. Therapeutic Executor
As outlined in the Counsellor/Client agreement I have a therapeutic executor, (name of executor)
who is a registered therapist. In the event of my unexpected incapacity, illness, or death (executor)
would gain access to clients securely stored name and number. (Executor) will only call to provide
clients with signposting to other mental health services then will securely destroy your contact
details.


9. Data Breach Notification
In the event of a data breach that may pose a risk to your rights and freedoms, you will be notified
promptly, and appropriate steps will be taken to mitigate the breach in accordance with GDPR
requirements.


10. Changes to This Policy
This policy may be updated from time to time to reflect changes in legal requirements or practices.
You will be notified of any significant changes.


11. Contact Information
If you have any questions or concerns about this Privacy Policy or your personal data, please contact:
Lee Brown
lee@counsellingwithlee.co.uk
If you believe your data has been mismanaged, you have the right to lodge a complaint with the
Information Commissioner’s Office (ICO) in the UK.


12. Consent
By engaging in counselling services with Lee Brown, you acknowledge that you have read and
understood this Privacy Policy and consent to the processing of your personal data as described
herein.

This policy ensures that both the counsellor and clients are protected under the GDPR, maintaining

Asset 9.png
cwl secondary logo for website.png

quick links

 

about me

Services & Costs

Blog

Immediate support info

Contact Us

contact info

 

Email: lee@counsellingwithlee.co.uk

Phone: 07364 101251

Based in: Durham, Newcastle

legal

 

Privacy Policy

Terms & Conditions

  • Instagram
  • Facebook
  • LinkedIn
bottom of page