Privacy Policy

At Hayley Morgan Therapy, your privacy is of utmost importance to us. This privacy policy explains how we collect, use, store, and protect your personal information in compliance with the General Data Protection Regulation (GDPR) and relevant UK and Irish data protection laws.

What Information We Collect

  • Personal Details: Name, address, date of birth, contact details (such as telephone number and email address).
  • Health Information: Details relating to your mental and physical health, including any relevant medical history.
  • Session Records: Notes from counselling sessions, appointment dates, and any correspondence relating to your care.
  • Payment Information: Details necessary for processing payments, if applicable.

How We Use Your Information

  • To provide you with safe and effective counselling services.
  • To arrange and manage appointments.
  • To communicate with you regarding your care.
  • To comply with legal and regulatory obligations.
  • To process payments for services rendered.


Lawful Basis for Processing


We process your personal data on the basis of explicit consent, the necessity for the provision of care, and compliance with our legal obligations as a care provider.


Confidentiality and Sharing


All information shared in counselling sessions is treated with strict confidentiality.


Your information will not be shared with third parties without your explicit consent, except where required by law. Examples of this are, but not limited to, if there is a risk of harm to yourself or others. We are also required by law to share information with third parties in the cases of money laundering, fraud, acts of terrorism, or other criminal acts, abuse or neglect and safeguarding concerns. In all cases where confidentiality may be broken, we will always seek to wherever possible and if safe to do so, to discuss this with you beforehand.


How We Store Your Information

Your information is securely stored in locked filing cabinets and/or on password- protected devices and systems. We retain your records for the period required by law (usually seven years after the last session) and will then securely destroy them.


Your Rights


  • You have the right to access your personal information held by us.
  • You may request corrections to any inaccurate or incomplete data.
  • You can request that your information be erased, restricted, or transferred, subject to legal and professional obligations.
  • You have the right to withdraw your consent at any time (though this may affect our ability to provide services).


Contact Details


If you have any questions or concerns about this privacy policy or the way your data is handled, please contact us.


Complaints

If you are unsatisfied with our response to your concerns, you may contact the Data Protection Commission (Ireland) or the Information Commissioner’s Office (UK), depending on your location.


Policy Updates


We may update this privacy policy from time to time. The latest version will always be available on our website or upon request.