Who I am and what I do

My name is Dan Roberts and I am an Advanced Accredited Schema Therapist, Trainer & Supervisor. I have a private practice in north London where I help people with a wide range of psychological problems. I also teach schema therapy for various training providers and provide clinical supervision to other practitioners. And I am the Founder of Heal Your Trauma, through which I provide
webinars and workshops online.


My commitment

Although I may need to collect and hold certain personal data in order to deliver my services to you I am committed to protecting and respecting your privacy. This policy provides an overview of how I comply with data protection legislation and the basis on which any personal data I collect from you, or that you provide to me, will be processed.

How I obtain personal information

If you contact me, whether by telephone, email, website, or other means, I may keep a record of that correspondence. I may ask you to complete various questionnaires and other forms that I will use to tailor my services to your needs. I may keep records of any
meetings and sessions in the form of written notes, electronic notes and audio recordings. I may receive correspondence from you or from other individuals or organisations relating to the services I deliver to you. I may also produce notes, assessments or reports.

Marketing permissions

Heal Your Trauma will use the contact information you provide when enquiring about or booking a workshop to be in touch with you, send you an email newsletter and to provide updates and marketing. You can change your mind at any time by clicking the unsubscribe link in the footer of any email you receive from me, or by contacting me at dan@danroberts.com

What personal information I collect and how I use it

The information I may hold on you falls into the following categories:

Contact information
I hold contact information that you have provided to me and which I use to contact you about the delivery of services. This information may include:
• Your full name,
• Your telephone number(s),
• Your email address,
• Your postal address, and
• Your online service IDs (such as Skype).

Data Protection & Privacy Policy

General information
I hold general information that you have provided to me and which I use to manage the delivery of services to you. Some of this information also enables me to comply with my legal or regulatory obligations. This information may include:
• Your full name, including title,
• Your date of birth,
• Contact details for your GP,
• A record of your attendance at sessions, including dates and times,
• Details of an ‘In Case of Emergency’ contact,
• General correspondence relating to your case, and
• Your signature on documents.


Mobile communications

Some of our contact may take place via mobile communications systems such as mobile phone messaging, iMessage, or WhatsApp. I may need to hold some of your personal data to facilitate these contacts. Some information is also stored by the service
providers. This information may include:

• Your full name,
• Your telephone number(s),
• Text message conversations between us,
• Voicemails you have left for me, and
• Meta data.

Service providers generally do not record the messages that are exchanged but they do store what is called “Meta Data”. This is service data, such as who was contacted and how long the call was for.

Familial relationships

I will always ask for a nominated In Case of Emergency contact to ensure that I am able to comply with sensible health and safety arrangements. If I require consent from a parent or guardian to deliver services to you, or if a family member, guardian, or other
agreed person is directly involved in your case, then I may need to hold contact and general information about those individuals.

Sensitive information

Due to the nature of my services I may need to process sensitive data relating to your physical and mental health. The General Data Protection Regulations deem data concerning health as a special category of personal data which means that I need specific reasons for processing this data. These reasons relate to the type of services that I deliver to you. I may also need to hold some of this information in case there is a legal query. The information I hold may include:
• Your full name,
• Your health history,
• Detailed information about your case,
• Sensitive correspondence relating to your case,
• Contact details for other clinicians involved in your case,
• Diagnostic questions and answers,
• Photographs of therapeutic work products,
• Audio recordings of sessions.

Financial records

I am required by law to hold information on payments received for my financial records. This information may include:
• Your full name,
• Your email address,
• Dates of sessions, and
• Payment dates and amounts.


Notification data

I need to hold some information so that I can inform you in the event of a breach of your personal data. Unless you specifically ask me not to, I will hold this information for as long as I hold any other personal data about you. This information may include:
• Your full name,
• Your postal address, and
• Your email address.
If this information changes, please let me know as otherwise I would not be able to contact you if I needed to do so.

Who I share your data with

I may share your Personal Data with selected third parties that help me to deliver my services. I will never share your Special Category Data with these organisations. I may share your Special Category Data with other professionals or organisations involved in your case, but I will make sure you are aware of this.

I undergo regular formal supervision. As part of these sessions it may be necessary to discuss your personal data, including special categories of personal data, with the supervisor who will be a qualified professional operating under terms of confidentiality.
I will not share with my supervisor any personal data that could be used to directly identify you.

Data retention and destruction


I do not keep information about you any longer than is necessary. The length of time I keep your data may be determined by statutory or regulatory requirements. I delete or destroy all personal data when it is no longer required. A copy of my data retention policy is available to clients on request. This shows how long I would expect to keep your data and why.

Your rights under data protection legislation

You have various rights under the relevant data protection legislation. If you wish to exercise any of these rights, then please contact me in writing (see ‘How to contact me’ below). I am confident that I will be able to answer any questions you may have, but should you
feel it is necessary you do have the right to contact the UK Information Commissioner’s Office to discuss the matter further.

Subject Access

You have the right to see what personal data I hold about you. You also have the right to know where I got the data from, how and why I am processing your data, who it has been shared with, and how long I intend to keep it for.

Rectification

You have the right to ask me to investigate, and correct where appropriate, any personal data I hold about you that you believe is wrong.

Erasure

You have the right to ask me to erase personal data that I hold about you where I no longer have a lawful purpose to process the data, or where the data is being processed based on your consent which has now been withdrawn. This right may be restricted by my need to comply with laws, regulations or other legitimate reasons that require me to retain data. However, I will tell you if this is the case.

Restriction of Processing

You have the right to ask me to restrict the processing of your personal data. Restricted processing means that I cannot make any changes to the data unless I have your consent. You can ask for restricted processing where:
• You believe the data I hold is inaccurate and I need time to properly investigate,
• I have unintentionally come into possession of your personal data that I should not hold but you do not want me to delete it,
• Where I no longer need your personal data, but you want me to hold on to it for legal reasons, or
• Where you have objected to how I use your personal data, and this is being investigated.
Once your treatment ends I will automatically restrict the processing of any personal data that I need to keep.

Right to Object

Where you feel that I am processing your personal data in a way that is inappropriate you have the right to object and so ask me to demonstrate legitimate grounds for doing so. This includes asking me not to communicate with you other than in ways you
choose.

How to contact me

If you would like any further information, or you would like to exercise any of your data protection rights, please get in touch.
By post, at:
Dan Roberts,
4 Bedford Mews, London,
N2 9DF
Or by email, at: dan@danroberts.com