Privacy Policy
1. Introduction
I am committed to protecting your privacy and handling your personal information in a transparent and secure way. This privacy policy explains how I collect, use, store and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Who I Am
I am Louise Gill, a BACP-accredited therapist offering online therapy services in the UK.
If you have any questions about this policy or how your data is used, you can contact me at:
Email: louise@louisegilltherapy.co.uk
Website: www.louisegilltherapy.co.uk
I am the data controller for the personal information described in this policy.
I am registered with the Information Commissioner’s Office (ICO), registration number: ZB983589
3. How I Collect Your Information
I collect information in a few different ways:
When you contact me through my website or by email to enquire about therapy
When we arrange an initial consultation or ongoing sessions
When you complete intake forms or questionnaires
During our therapy sessions
Through practical communication (e.g. booking or rearranging appointments)
Providing your information is always your choice, but I may need certain details to offer you therapy safely and effectively.
If you contact me via the website contact form, I recommend avoiding sharing detailed or highly sensitive personal information at this stage. I will only use the information you provide to respond to your enquiry and, if appropriate, arrange an initial consultation.
4. Website Use, Cookies and Analytics
When you visit my website, basic information may be collected automatically through cookies or similar technologies. This can include information such as your IP address, browser type, and how you use the website.
I may use website analytics tools to help me understand how the site is being used and to improve the experience for visitors. These tools do not identify you personally.
You will be asked to consent to non-essential cookies when you first visit the website. You can manage or withdraw your consent at any time using the ‘Cookie Preferences’ button in the website footer.
5. What Information I Collect
When you get in touch or begin working with me, I may collect personal and sensitive information, including:
Your name, date of birth, address, telephone number and email address
Emergency contact and GP details
Information about your physical and mental health, including diagnoses and medication
Information about alcohol or drug use and other addictive behaviours
Personal background, including relationships, family, work and significant life events
Information relating to risk (for example, risk of harm to yourself or others)
Responses to questionnaires used to support assessment and track progress
Records of our communication and brief session notes
I only collect information that is relevant to supporting you in therapy.
6. How Your Information Is Used
Your information is used to:
Respond to your initial enquiry
Help me understand what’s bringing you to therapy
Provide safe, appropriate and effective therapeutic support
Keep accurate records of our work together
Manage appointments and communication
Meet my professional, ethical and legal responsibilities
7. Lawful Basis for Processing
Under UK GDPR, I process your data on the following bases:
Contract – to provide therapy services
Legitimate interests – to work safely and effectively as a therapist
Legal obligation – where disclosure is required by law
Explicit consent – for processing sensitive (special category) data such as health information
In addition, I process special category data in accordance with Article 9(2)(a) (explicit consent) and Article 9(2)(h) (the provision of health or social care) of UK GDPR.
You can withdraw your consent at any time.
8. Use of Third-Party Services
I use secure third-party services to support the running of my practice:
Cliniko – for securely storing client records, including clinical notes, assessment information, appointment scheduling and communication
Microsoft OneDrive (Business) and Microsoft 365 – for secure storage of clinical notes, recordings and email communication
Squarespace – to host my website and manage website enquiries
These providers act as data processors and only process your data on my behalf and under my instruction. Appropriate technical and organisational measures are in place to protect your data.
Some of the services I use to store and manage information may process data outside the UK. When this happens, they are required to put safeguards in place to ensure your information remains protected.
9. Confidentiality
Confidentiality is a key part of therapy.
I will not share your information without your consent unless:
There is a risk of serious harm to you or someone else
There are safeguarding concerns
I am required to do so by law
I may discuss my work in professional supervision, but this is done in a way that protects your identity.
10. How Your Data Is Stored
Your information is stored securely using password-protected and encrypted systems. I take appropriate steps to protect your data from unauthorised access, loss or misuse.
11. How Long Your Data Is Kept
I keep your records for 7 years after therapy ends, in line with professional guidelines. After this, your data is securely deleted or destroyed.
If you contact me to enquire about therapy but do not go on to become a client, I will retain your information for up to 3 months after our last contact, after which it will be securely deleted.
12. Your Rights
You have the right to:
Access the information I hold about you
Request correction of inaccurate information
Request deletion of your data (where appropriate)
Restrict or object to how your data is used
Request a copy of your data
Withdraw your consent at any time (where consent is the legal basis for processing).
In some situations, I may need to retain certain information to meet legal or professional obligations.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you are concerned about how your data is being handled.
13. Contact and Complaints
If you have any questions about how your data is handled, you’re very welcome to contact me.
You also have the right to complain to the Information Commissioner’s Office (ICO):
14. Updates to This Policy
This policy may be updated from time to time. The most recent version will always be available on my website.
Last updated: 23 March 2026