The General Data Protection Regulation (GDPR) is an EU regulation which aims to improve privacy and give people greater control over their personal information and how it is used. Below, I explain how I will handle and use the personal data I hold, whether on this website or if you work with me as a client.

Client privacy

Information I hold

  • Personal data is information that can identify you. I collect the following:
  • Biographical information – your name, address, date of birth
  • Your contact details – postal address, email address and phone number
  • Emergency contact and GP details
  • I also ask for a brief overview of what brings you to counselling and what you hope to get from this work
  • Subsequently I keep brief, anonymised session notes.

Processing your personal data

This means collecting, storing, using, sharing and deleting your personal information. I only collect information that is essential for clinical or legal reasons.

Requesting to see your data

You are able to ask for a copy of the information I hold about you, free of charge. You would need to ask for this information in writing and I aim to provide it in digital form, within 28 days of receiving your request.

What do I do with your data?

The information you give me when we contract to work together is stored securely as a password protected digital file, email or paper record kept in a locked cabinet.

Your name, email address and phone number are stored securely on my work phone and desktop computer. This is removed 1 month after our work together has come to an end.

I will use your phone number, email or home address to contact you regarding appointments and to reply to you if you make contact with me.

Anonymised session notes are stored on secure, password protected cloud storage or in a locked cabinet. I keep session notes for 7 years, in order to be able to answer a complaint if one were raised.

I will never share your data with a third party unless I have your permission; if I am concerned about your safety or the safety of someone else; or if obliged to by a court of law.

During the course of our work, if I become suddenly ill and unable to contact you, I would share your name and phone number with my professional executor who would contact you, in line with good practice in the profession.

Data breaches

I will inform you within 72 hours if there has been any breach of your data.

Website privacy

The data controller for this website is Kelly Paterson. The way I gather and use personal information regarding visitors to this site is outlined below.

I use Google analytics to analyse traffic to the site, and this data is anonymised. More info on Google’s privacy policy here.


I use a minimal set of cookies on this site, so that I can monitor visits to the site (anonymised data), and to display google maps.

Information on deleting or controlling cookies is available at Please note that by deleting cookies or disabling future cookies you may not be able to access certain areas or features of my site.