Who we are
We are Psych Health Limited, a provider of Clinical and Counselling Psychology services. We are registered in England and Wales under company number 6673730. Our registered office and correspondence address is: Psych Health, Office 7, 35-37 Ludgate Hill, London, EC4M 7JN and our telephone number is 020 3821 1452. Our email address is: firstname.lastname@example.org
Psych Health Limited will be what is known as the ‘Controller’ of the personal data that is provided to us about you or that you may provide to us. We hope that the information in this privacy notice will enable you to understand how and why we use your data but if you have any questions please do not hesitate to contact us.
Why we process your personal data
We process the personal data that you submit to us on our website in order to contact you to answer your query. Depending on the information you submit, it may contain Special Category Data relating to your health. If you provide us with Special Category Data then we would process that for purposes of the provision of health or social care or treatment, preventative or occupational medicine, for medical diagnosis, or the assessment of your working capacity.
What information will we process?
We process the information you give us, which at a minimum is your name and email address but could be whatever additional information you choose to provide.
What do we do with the information?
All of your data is processed by our staff in the UK and will be stored electronically on Microsoft’s secure cloud-based platform, whose servers may be in other European Union countries. We do not pass your personal data outside of the European Union.
We have strict policies and procedures in place in respect of information security and are very happy to provide you with further information regarding those systems if you wish.
We would not share the information you provide through our website with anyone unless we felt that you or anyone else was in any danger, in which case we may be legally required to share information necessary to make that situation safe.
Other organisations (“processors”) may have access to and may process your data during the course of their work for us. These are:
Microsoft, our cloud-based storage provider
Our IT support provider, Infinity Group Ltd
Is it a legal (statutory or contractual) requirement for you to provide us with your personal data?
In order to answer your query we need to process the personal data that you provide (including Special Category Data relating to your health if you provide it).
There is no statutory requirement for you to provide us with your personal data.
Our legal basis for processing your data is consent. Before you submit any information to us using the form on our website you are asked to consent to us processing your data according to the information provided in this notice.
How long will we keep your information?
Depending on the information you provide us, we will keep that information for different periods of time. If you provide us with information that then forms part of a medical file (because, for example, we subsequently arrange assessment or treatment appointments for you) then in line with NHS guidelines for the retention of medical information, we will keep your data for a period of 30 years after your discharge from this service or 8 years following your death. Details of these guidelines can be found here: https://www.nhsx.nhs.uk/information-governance/guidance/records-management-code/
If your query is not related to your own health then we would keep your information for as long as is necessary for us to answer that query, for the length of any subsequent contact we have with you, or for seven years if necessary to comply with accounting rules
Your rights and how you can complain
As a “data subject” you have a set of specific rights. We are required to make you aware of the existence of these rights. They are in outline:
The right to request from us, as the Data Controller, access to your personal data;
The right to request rectification of your personal data;
The right to request erasure of your personal data;
The right to request a restriction on the processing of your personal data
The right to object to the processing of your personal data; and
The right to data portability
Your right to complain to the Information Commissioners Office
You have the right to lodge a complaint about our compliance with the applicable regulator for data protection.
This is the Information Commissioners Office. For more information you can visit their website at www.ico.gov.uk
Use of automated decision making or profiling
We do not carry out automated decision making or profiling.