Privacy Policy - BEP Therapy

Practice data

Under GDPR (General Data Protection Regulation) businesses of all sizes must obtain consent to obtain and store personal details of their customers/clients.

In order to provide services as a counsellor/psychotherapist, we are required to hold the following information:

1. Personal Contact Details

What: Name, telephone number, email address, home address, and date of birth.

Why: To allow me to contact you to arrange, alter or cancel sessions and in the case of emergencies.

Shared With: GP or emergency services only in the case of a serious emergency. My therapeutic executor (a requirement of the profession) will be able to access your first name and contact number in case I am ever incapacitated or otherwise unable to attend our sessions; this is the only time that they will contact you.

Legal Basis: Necessary for the performance of a contract (the therapy service).

2. Anonymised, Brief Session Notes

What: Anonymised, brief session notes.

Why: As an aide-memoire.

Shared With: Absolutely no one without your prior consent, or unless a court order (which is very rare) demands their release.

Legal Basis: Necessary for the performance of a contract (the therapy service).

3. Relevant Medical Information

What: Relevant medical information (voluntary).

Why: To give me information about any diagnosed (or self-diagnosed) conditions and to allow me to communicate important information in the case of a medical emergency.

Shared With: GP or emergency services only in the case of a serious emergency.

Legal Basis: Safeguarding & Duty of Care; Consent.

Clinical Will and Continuity of Care

To ensure continuity of care in the event of my incapacity or death, I have formalised a clinical will. This arrangement means that a trusted professional executor, who is a qualified therapist and adheres to the same professional ethical standards, has agreed to:

Notify all current clients of the situation.
Provide contact details for alternative therapeutic support.
Ensure compliance with GDPR and UK Data Protection laws in the handling or secure disposal of personal data and clinical notes.

The executor will only have limited access to data, specifically your name and contact details. They will not have access to clinical notes.

How and where your data is stored

At BEP Therapy, we use and store your data and take reasonable security measures to prevent your data being accessed by unauthorised individuals.

Your data will be stored on our Data Processors’ secure servers. Your data may also be accessed by employees while they are not in Europe.

Retention Period

Data will be kept for a maximum of seven years following the end of our work together, in anticipation of you needing to return, the notes being required by a court of law in future proceedings, or to support the ethics board should a complaint be filed. After this time, they will be securely disposed of.

Data Protection Officer

If you have any questions or concerns about how your personal data is being processed, you can email hello@bep.co.uk.

Additional Information

Your rights

You have the right to ask us what information we are storing about you, as well as to ask to be forgotten (have your data erased). Any requests to do so should be sent to hello@bep.co.uk. We will comply with all requests within 1 month.

Complaints

If you feel your data has been mishandled, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO). Helen Eyley-Aboda’s registration reference is ZB984242.

Changes to this privacy notice

This privacy notice was published on 23.09.2025 and last updated on 23.09.2025. We reserve the right to change our privacy policy at any time. Changes will be listed here and you are advised to check this page for updates. If you do not approve of a change to our privacy policy, you should stop using our website immediately.

By continuing to use our website and freely submitting your data to us, you agree to our privacy policy.