Dr Joanne Lacey is the Data Controller for Therapeutic Fitness. Therapeutic Fitness is registered with the Information Commissioners Office (ICO).
Personal data is obtained directly from the client. The purpose of processing the data is to contact the client and for the keeping client records, which is essential under the terms of professional body membership and for insurance. The legal basis for processing data is contract and legitimate interest. Therapeutic Fitness cannot offer its services without holding some personal data. We cannot run the practice without the collection and storage of some personal data. We need to hold data for insurance and limited legal purposes (any disclosures under the Terrorism Act or Money Laundering under The Drug Trafficking Act, a court order to provide session notes or emails).
Therapeutic Fitness processes the data of less than 1, 000 clients.
We collect and store specific data, name, DOB, email, telephone number and address from the contact form, medical history as shared in the first session. We hold brief anonymised written notes, session attendance records, a brief summary of any interventions or confidentiality issues and the personal information shared in the counselling agreement, We also hold email communications and these are securely archived. This data will be held for 7 years as per the terms of my insurance policy, then destroyed.
People will agree or opt out of being contacted by a counsellor executor in the event of my death or long term incapacity.
Data (email address) is shared with Zoom for the purpose of video conferencing. In exceptional circumstances, client session notes and emails can be subpoenaed by a UK court. Outside of these exceptional circumstances no client data shall be shared with any third party without the client's written permission.