Privacy Notice: Updated January 2024
My policy complies with the Swiss New Federal Act on Data Protection (fNADP) of 1 September 2023 (which builds on the EU General Data Protection Regulation (GDPR) which came into effect on 25 May 2018). I take very seriously the need to protect your personal information and this policy represents my ongoing efforts to be transparent about the way in which I collect information, what information I collect and why, and what your rights are in relation to your personal information.
Transparency: In order to work as a counsellor, I am legally and ethically required to collect and store some of your personal information. According to the Code of Ethics of the American Counseling Association (ACA) and the Swiss Association for Counselling (SGfB) and the Ethical Framework of the British Association of Counsellors and Psychotherapists (BACP), I am required to keep “adequate records” which are “adequate, relevant and limited to what is necessary for the type of service being provided”.
Why do I collect data? The legal basis for processing data: According to the fNADP and the GDPR, I am legally entitled to process this information because we have formed a ‘contract’, i.e. an agreement about how we wish to work together, or because you have reached out to me and indicated an interest in potentially entering into a contract.
What information do I collect? I may collect your name, contact information (postal address, email address and telephone number), your preference for receiving information by email, phone or text, your date of birth, emergency contact information, and the name and contact details for your doctor. I also keep counselling records which I am legally and ethically obligated to do. I disclose information to third parties only with your consent or where legally or ethically justified (see my informed consent policy for more information).
How do I store your data? I use an ISO27001 certified practice management software for therapists which is GDPR ready and uses two-factor authentication login and encrypted data replication across different servers to keep your records safe. I store your telephone number on my mobile telephone in case of emergencies – these details are anonymized and password protected. I delete texts and emails regularly.
How long will I store your data and how will I dispose of it? In line with ethical and legal norms in the psychology profession in Switzerland, I safely store your files for ten years after the end of our contract, after which they will be disposed of as confidential waste.
Your control of your personal data:
- Your personal information will be held and processed until you withdraw consent.
- You have the right to have your information erased and the ‘right to be forgotten’ (when considering these requests, these rights are obligatory unless it is information which I have a legal duty to retain).
- You have the right to request access to the personal information that is held. I am legally obligated to respond within 30 days.
- You have the right to have your personal data corrected.