Privacy, Confidentiality & Data Protection

My name is Demelza Danquist and I am a Certified Hypnotherapist, NLP practitioner and Childbirth Educator with the following qualifications.

  • RTT™ Certified Rapid Transformational Therapist (Marisa Peer School, London)

  • Certified Hypnotherapist (Marisa Peer School, London)

  • Certified HypnoBirthing® CBE (HypnoBirthing Institute, UK)

  • Certified Practitioner of Human Interaction Technology (Human Communications Institute with Michael Bernoff, Arizona (NLP))

  • IHF Member (International Hypnosis Federation)

  • IACT Member (International Association of Counselors & Therapists)

 I provide sessions online

 

Overview

 

To protect your privacy, all client data is kept strictly confidential and will be stored in accordance with the General Data Protection Regulation (GDPR)/applicable Data Privacy laws that took effect on 25th May 2018. From that date, I am required to ensure that I gain new data protection and privacy consent from all clients. One of the key requirements is for me to advise what information I hold about you and how I am permitted to use it.

 

All information is completely confidential always, unless permission is given otherwise. Please read our Privacy Policy available on our website and note that by agreeing to this section, you consent that I may release information to a relevant individual or agency if it has been determined that a child or adult is at risk of or is currently being harmed and/or abused; or if you as a client are in imminent danger to yourself or others; or if a subpoena of records or any other requirement to share information by law has been requested.

 

Data Protection & Privacy Consent

This consent form should be read in conjunction with the Privacy Policy on my website which includes my Website Disclaimer and use of Cookies. In accordance with Article 13 ‘Right to be Informed’ of the GDPR I am bound by law to inform my clients:

 

Personal Data

I only collect and store information which is relevant to our therapeutic work together. I am permitted to collect and keep this information by law.

I use the data I hold about you to contact you about appointments and to take notes about what we have covered together.

This ensures continuity of care and means I am able to provide you with the best service.

 

What data do I keep and why do I need it?

 

  • Name and age: this is basic information that allows me to get to know you

  • Address, email, phone number: Our initial contact will be via my online website or business email which is hosted by Gmail for business. From this point on, please only communicate with me using this email or our secure client portal hosted by Simple Practice; however note that my gmail account is not encrypted so it only partially protects your privacy. Encrypted accounts can be set up if required. I use these as a way of contacting you regarding your sessions. I will mainly use emails but if I cannot reach you, I will try a different method.

  • Next of kin/ medical profession’s details: If I was worried that you were at risk then I may need to contact your next of kin or medical professional. If I can, I will let you know when/ if I am going to do this.

  • Session notes:  I keep brief note(s) of our session(s).

  • Payment: Payment is to be completed upon booking your session via the links provided to you in the Client Portal. The payment is to be completed by credit card or Paypal by special request. 

  • Video calls: I use Zoom to conduct our therapy online. All calls are encrypted. Sessions are not recorded but client approval will be necessary prior to the session, in case required. 

  • Appointment scheduling: All appointments are to be requested using the “connect” link on my website which connected to my secure and encrypted portal via Simple Practice.

  • Text messaging and phone calls: If you wish to use regular WhatsApp or phone calls to communicate with me, please note that they are not 100% securely confidential. If you would like a more secure way of texting or phoning me, we can use your secure client portal or Signal for messaging. 

  • How will I store your data?

Storage of client material: I use a cloud-based practice management system (Simple Practice) to store your personal information and case notes securely. I do not store client identifiable information on computer hard disks. 

 

How do you access your data and data retraction?

You have a right to request to see the data held. Legally I am required to respond within 30 days. Please contact me at my business email address Demelza@DemelzaDanquist.com, if you would like to access your data.

 

How long will I store your data for and how will I dispose of it?

I retain your personal information and health record for the time required by my insurer (currently 8 years). Thereafter I will destroy any document with your personal information and delete your phone number out of my mobile phone.

You have a right to retract consent to hold and process your records before that time if you wish. Please contact me at my business email address Demelza@DemelzaDanquist.com, if you wish to do so.