Privacy Policy For HeadFirst Hypnotherapy®
www.headfirsthypnotherapy.co.uk
Last Updated: 28/08/2023
Introduction
This Privacy Policy contains information that is collected and recorded by HeadFirst Hypnotherapy, accessible at www.headfirsthypnotherapy.co.uk (“I” “my” “me”)
I take your privacy seriously and am committed to protecting your personal information.
This Privacy Policy outlines how I collect, use, disclose, and safeguard your information, including any personal data you provide to me. I comply with the data protection laws applicable in the United Kingdom, including the General Data Protection Regulation (GDPR).
The legal basis for collecting and using personal information, described in this policy depends on the personal information I collect and the specific context in which I collect it.
The legal bases I rely on include:
Consent: I may collect and process your personal information with your explicit consent, which you provide voluntarily when you use my website or services. You have the right to withdraw your consent at any time.
Contractual Necessity: In certain situations, I may need to process your personal information to fulfil a contract or take steps at your request to enter into a contract. For example, if you purchase a product or service from me, I may need to collect and process information to complete the transaction.
Legal Obligations: I may collect and process your personal information to comply with legal obligations, such as tax, accounting, or regulatory requirements.
Legitimate Interests: I may process your personal information when it is in my legitimate interests to do so, provided those interests are not overridden by your rights and interests. This may include using your information for appropriate marketing communications or improving my website and services.
Protection of Vital Interests: In exceptional circumstances, I may process your personal information to protect someone's life, including yours.
The legal basis for processing your personal information will be made clear at the time I collect it, and if you have any questions or concerns about the legal basis, you can contact me using the information provided in this Privacy Policy.
Information I Collect:
Personal Information: I may collect personal information when you interact with my website or services, including your name, contact information (such as email address and phone number), and any other information you provide voluntarily, so that I can respond to your message and communicate with you about your enquiry.
Information during the Free Discovery Session: and / or paid sessions. I collect and store information about you, including personal and health-related data collected during the Free Discovery Session and or paid sessions. This information is collected for the purpose of providing hypnotherapy services and is subject to strict confidentiality.
Automatically Collected Information: I may collect certain information automatically when you visit my website, such as your IP address, browser type, operating system, and browsing behaviour, through cookies or similar tracking technologies. You can learn more about the use of cookies below (see below for further information).
Information for my contact database for marketing purposes: I may collect your name, email address and/or phone number if you subscribe to any of my newsletters, promotions, free downloads or free products etc in place from time to time. I will always ask for your consent before adding you to my contact database. You are also able to unsubscribe at any time.
How I Use Your Information:
Providing Services: I use the personal information I collect to provide hypnotherapy services to my clients. For example during the Free Discovery Session and also includes, but not limited to, maintaining accurate records of our sessions, and tailoring my service(s) to meet your specific needs.
Communication: I may use your contact information to send you important updates, appointment reminders, and other service-related communications for the purposes of facilitating my service(s) to you.
You may also have signed up to be sent communications about my service, products etc, if you for example, downloaded the Free ‘Relaxation Audio’ or signed up to any promotion, newsletter or any other sign-ups in place from time to time. Again, you can opt out of these communications at any time.
Improving my Services: I may use anonymised and aggregated data to analyse trends, gather demographic information, and improve my website and services (see information further in this policy).
Legal Compliance: I may use your information to comply with applicable legal obligations, such as responding to legal requests or protecting my rights and interests. (See information further in this policy).
Legitimate Interest in Post-Treatment Communication
After the conclusion of your hypnotherapy treatment, I may have a legitimate interest in maintaining communication with you for several reasons, including:
Follow-Up and Progress: I have a genuine interest in your well-being and continued progress. Maintaining contact allows me to follow up on your progress and provide additional support or resources if needed.
Feedback and Improvement: Your feedback is valuable to me. I may seek your input on your treatment experience to help me improve our services and better meet the needs of future clients. This could also include asking you to provide a testimonial or writing a review online i.e. Google Business Review.
Information and Resources: I may share information and resources related to hypnotherapy, mental health, or self-care that I believe could be beneficial to you. This may include updates on new techniques, relevant workshops, or educational materials
Special Offers and Services: I may occasionally inform you about special offers, workshops, or services that align with your previous treatment and could be of interest to you.
My legitimate interest in post-treatment communication is always centered on your well-being, continued progress, and providing you with valuable information and resources. I will respect your preferences and provide options to opt out of such communication if you wish to do so.
Sharing Your Information:
Service Providers: I may share your information with third-party service providers who help me operate my website and provide my services to you.
These service providers are contractually bound to protect your information and only use it for the purposes I specify. This could include, but not limited to:
Email management system providers who help me communicate with you;
Practice Management Software( PMS) to help manage appointments, keep notes etc
Website Hosting Company;
Email marketing software, that allows me to communicate with you about my products and services;
Online communication portals i.e. Zoom, Google Meet, for the purposes of performing an online Free Discovery Session.
Payment Facilitation Providers – so that I can accept payments from you.
Feedback Software – to enable me to request a testimonial from you post treatment.
These providers have access to your personal information so that they can perform their functions on my behalf, but they may not use it for other purposes.
Legal Requirements: While I am committed to protecting your privacy and confidentiality, there are circumstances under which I may be legally bound to share your personal information without your consent.
These situations are exceptional and are in place to protect your safety, the safety of others, and to comply with legal requirements.
Such circumstances may include:
Harm to Self or Others: If you express an intention to harm yourself or someone else, I have a legal and ethical duty to take appropriate action to prevent harm. This may involve disclosing relevant information to the appropriate authorities or healthcare professionals to ensure your safety or the safety of others.
Legal Requirements: In some cases, I may be legally obligated to disclose personal information if required by law, a court order, or in response to a valid legal request from law enforcement or government agencies.
Child Protection: If I become aware of any form of child abuse or neglect, I am legally obliged to report this to the relevant child protection authorities to ensure the safety and well-being of the child involved.
Public Safety: If there is a threat to public safety or national security, I may be required to cooperate with law enforcement agencies, government entities, or other relevant authorities.
Please understand that while I value your privacy and confidentiality, my paramount concern is your safety and the safety of others. I will only disclose your personal information in situations where it is legally mandated or necessary to prevent harm.
I will make every reasonable effort to inform you if such a disclosure becomes necessary, but this may not always be possible, especially in urgent situations.
My actions will always be in accordance with applicable laws and regulations.
Contacting Your GP or Healthcare Practitioner:
During our sessions, my primary concern is your safety and wellbeing. If at any point during our sessions, it becomes necessary to ensure your safety or address any medical or psychological considerations, I may request your consent to contact your General Practitioner (GP) or relevant/most appropriate healthcare provider.
I will always seek your explicit consent before contacting your GP or healthcare practitioner. Should you refuse, this could potentially mean that sessions cannot continue.
The above process will also be applicable should you mention something or give me reasonable belief in your Discovery Session (including before and after), that hypnotherapy may not be a safe option for you. Before engaging in further sessions I may request your consent to contact your General Practitioner (GP) or relevant/most appropriate healthcare provider. Sessions will not start until I have received a satisfactory response outlining that we can proceed safely.
Please note that I take all reasonable measures to ensure that any third parties with whom I share your personal information to enable me to perform my hypnotherapy services to you, comply with relevant data protection laws and have appropriate security measures in place.
Consultation With My Supervisor:
As a dedicated and ethical hypnotherapist, I am committed to providing the best possible support and care to you.
To ensure that I maintain the highest standards of professional practice, I engage in regular supervision sessions with a qualified supervisor in accordance with the ethical frameworks, outlined with the AfSFH and NCH.
These supervision sessions serve several important purposes in the context of hypnotherapy:
Professional Growth: Supervision helps me continually develop as a hypnotherapist. It provides a structured environment in which I can reflect on my practice, explore new therapeutic techniques, and gain insights from an experienced colleague.
Ethical Guidance: Supervision assists me in upholding the ethical principles and standards of my profession. It ensures that I remain in compliance with established codes of ethics, protecting your rights and well-being.
Client Welfare: While supervision discussions focus on professional development and ethical considerations, your confidentiality is always maintained. I do not disclose personally identifiable information during these sessions. Instead, I may discuss cases in a de-identified manner to ensure your privacy.
Quality Assurance: Supervision contributes to the quality of hypnotherapy services provided. It allows me to receive feedback and guidance, which ultimately benefits you by enhancing the effectiveness of our sessions.
More Complex Cases: In some cases, I may need to consult with my supervisor about challenging or more complex situations to ensure that I am providing you with the best possible care. Again, no personally identifiable information is shared during these discussions.
I may also take to supervision information related to a Discovery Session with a potential client, but do not share any identifiable details (the same as any clients).
Please understand that my engagement in supervision is a standard practice within the hypnotherapy profession, as well as most therapy practices, and is designed to uphold your rights, ensure your well-being, and enhance the quality of the support I provide.
Your Rights Regarding Your Data:
I am committed to upholding your rights regarding your personal data, in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. As a user of my website, you have the following rights:
· Access: You can request access to the personal information I hold about you.
· Rectification: You can request that I correct any inaccuracies in your personal data.
· Erasure: You can request that I delete your personal data, subject to legal requirements.
· Restriction: You can request that I restrict the processing of your personal data in certain circumstances.
· Data Portability: You can request a copy of your personal data in a structured, machine-readable format.
· Withdraw Consent: If I rely on your express consent to process your data, you can withdraw that consent at any time.
To exercise your rights, please contact me at andy@headfirsthypnotherapy.co.uk
Data Security:
I implement reasonable security measures to protect your information from unauthorised access, disclosure, alteration, or destruction.
However, no data transmission over the internet or storage system can be guaranteed to be 100% secure.
Email is not recognised as a secure medium for communication. For this reason, I request that you do not send private information to me by email.
However, doing so is allowed, but at your own risk. Some of the information you may enter on my website may be transmitted securely via a secure medium as secure sockets layer or SSL.
Information sent via my contacts page assumes you are happy for me to use that information to contact you.
I hold data both in handwritten and electronic form. Handwritten data could include, but not limited to, notes from the Free Discovery Session, enquiries that come through via phone that I have jotted in my notepad, session notes etc.
Any handwritten data that contains identifiable information about you is transferred directly to my Practice Management Software(PMS) and then shredded. If there is not an opportunity to input handwritten data into the PMS, handwritten notes i.e in a notebook, will be securely stored away in a lockable filing cabinet.
Access to any online systems I used to manage my hypnotherapy practice will be via my laptop or smart-phone, both have a secure password and are not used by anyone else. All systems used to administer my practice and provide you with services, will be password protected.
I take all reasonable steps to ensure that any third parties I engage with for administrative or service-provision purposes, adhere to robust data security measures.
Your data's security and confidentiality are of the utmost importance to me, and I select partners who share my commitment to protecting your information.
I ensure that these third parties comply with all applicable data protection laws and regulations to safeguard your privacy.
Data Retention:
In accordance with data protection laws applicable in the United Kingdom, including the General Data Protection Regulation (GDPR), I retain your personal data for only as long as is necessary to fulfil the purposes for which it was collected. In all cases it will be kept no longer than necessary for the purposes of providing my services to you and to fulfil my obligations for financial, insurance and legal requirements for record keeping.
Therefore, specific retention periods for different types of personal data may vary depending on legal requirements, the nature of the data, and the purposes for which it was collected.
Generally, I will retain your personal data for the following periods:
Free Discovery Session Data: If you participate in a Free Discovery Session, but do not proceed to paid sessions, I will retain the personal information collected during this consultation for a period of 12 months. After this period, your data will be securely deleted unless I have a legitimate reason or legal obligation to retain it for a longer duration.
Paid Sessions Data: If you decide to continue with paid hypnotherapy sessions following the Free Discovery Session, I will retain your personal data for a period 8 years, inline with the National Council for Hypnotherapy (NCH) Code of Ethical Conduct and Performance, after the conclusion of our professional relationship.
Data Security: During the retention period, your data will be securely stored to prevent unauthorised access, disclosure, or loss. I maintain robust security measures to protect your information.
Access to Your Data: You have the right to request access to your personal data at any time during the retention period. Please refer to the "Access to Your Data" section of our Privacy Policy for instructions on how to make such a request.
Communication Data: If you download my Free ‘Relaxation Audio’ and/or grant me permission to communicate with you either via that method or via any newsletter or sign-ups in place on the website from time to time, I will retain your contact information to continue to communicate with you. You may opt out of these communications at any time.
Legal Obligations: In some cases, I may be required to retain your personal data for a longer period to comply with legal obligations, regulatory requirements, insurance purposes, or for the establishment, exercise, or defence of legal claims.
Please note that even after the retention periods mentioned above have expired, I may retain certain data for statistical, analytical, or research purposes, in a manner that does not identify you personally.
Links to Other/External Sites:
My website may contain links to external websites that are not operated by me. Or I may suggest or send your resources i.e websites, articles to help and support you with your treatment.
Please be aware that this Privacy Policy applies solely to the personal information collected through my website or services, and I do not have control over the privacy practices of these external sites.
When you follow a link to another website, I encourage you to read the privacy policies of these third-party websites. I cannot accept responsibility or liability for their policies, content, or activities.
Your interactions with those websites are subject to their privacy policies and terms of service, and I recommend that you review them before providing any personal information.
While I take reasonable steps to ensure the quality and reliability of the websites I link to or may send to you for reference, I do not endorse, guarantee, or assume responsibility for any content, products, or services provided by third-party websites.
By using my website and by me providing you any website links/references/article etc, you acknowledge that I am not responsible for the practices or content of external websites, and you agree to hold me harmless from any liability arising from your use of these linked sites.
Medical Disclaimer:
The information provided on my website is intended for informational and educational purposes only. It should not be considered a substitute for professional medical advice, treatment, or diagnosis.
Consult a Healthcare Professional: The content on my website is not intended to be a substitute for professional medical advice. If you have or suspect you may have a medical or psychological condition, it is important to consult with a qualified healthcare or mental health professional for proper evaluation, diagnosis, and treatment.
No Guarantee of Results: It's important to understand that the effectiveness of hypnotherapy and therapeutic interventions can vary from person to person. While I strive to provide valuable and evidence-based information, I cannot guarantee specific outcomes or results.
Individual Results May Vary: The outcomes of hypnotherapy and other therapeutic approaches depend on various factors, including individual circumstances, commitment to the process, and the nature of the issues being addressed. Therefore, I do not make any guarantees regarding the results of hypnotherapy, or any other services offered on my website.
Assumption of Risk: By using my website and its resources, you acknowledge that you are doing so voluntarily and at your own risk. You are responsible for your own health and well-being, and you should seek professional advice when necessary.
Cookies:
What Are Cookies?
Cookies are small text files that are stored on your device when you visit my website. They serve various functions and can help improve your online experience.
Why Do We Use Cookies?
I use cookies on my website to:
Enhance Functionality: Cookies can help the website remember your preferences, such as language settings and login details, so you don't have to enter them every time you visit.
Analyse Website Usage: I use cookies to collect data about how visitors use my website. This information helps me understand user behaviour, improve my content, and optimize my website's performance.
Personalise Content: Cookies enable me to provide you with personalised content and recommendations based on your browsing history and preferences.
Marketing and Advertising: I may use cookies to track your interactions with my promotional materials and third-party advertisements. This helps me measure the effectiveness of my marketing efforts and deliver more relevant advertising.
Your Cookie Choices:
You have the option to disable or enable cookies when visiting my website. You can typically do this by adjusting your browser settings.
Please note that disabling cookies may affect your experience on my website, as certain features may not function as intended.
By using my website, you consent to the use of cookies as described in this Privacy Policy. If you choose to disable cookies, please be aware that some parts of my website may not work correctly.
Log Files:
My website utilises log files, as is common practice for hosting services analytics. All hosting companies do this, and it is part of the hosting services’ analytics.
These log files collect standard information including:
IP Addresses: IP addresses are automatically recorded as part of the routine operation of my website. These addresses are not linked to any personally identifiable information.
Browser Type: It logs information about the browser type you are using to access my website. This helps me ensure compatibility and optimise the user experience.
Internet Service Provider (ISP): It records the name of your ISP. This information is not used to personally identify you but helps me understand the general geographic location of my visitors.
Purpose of Log File Analysis:
Log Files are used for various purposes, including:
Analysing Trends: Log files provide valuable data for analysing trends, understanding how my website is used, and identifying areas for improvement.
Administering the Site: Log files help me administer and maintain my website, ensuring its functionality and security.
Tracking User Movements: Log files track user movements around my website, such as which pages are visited most frequently. This information helps me improve the content and navigation of my site.
Gathering Demographic Information: Log files assist me in gathering general demographic information about my visitors. This data is aggregated and does not identify individual users.
I want to emphasise that the information collected through log files is not personally identifiable. It is used solely for the purposes described above to enhance the quality and performance of my website.
By using my website, you consent to the collection and analysis of data as described in this Privacy Policy.
Changes To This Privacy Policy:
I may update this Privacy Policy from time to time to reflect changes in my practices or for other operational, legal, or regulatory reasons.
Any changes will be posted on this page, and the revised Privacy Policy will be effective from the date of publication.
Consent:
By using my website and/or services, you agree to the terms of this Privacy Policy. Please review this Privacy Policy regularly to stay informed about my data practices.
Contact Me:
If you have any questions, concerns, or requests related to this Privacy Policy or the way I handle your personal data, please contact me at andy@headfirsthypnotherapy.co.uk