CALL +44 1784 618437
Email hello@inneractioncounselling.co.uk

Counselling in Hampton Hill & Online

Inner Action Counselling Logo with three concentric green circles, darkest in the centre and lightest on the outer edge, each outlined in white. A white tuning fork silhouette is angled diagonally to the right across the circles, intersecting the rings

GDPR Compliance Statement

Last Updated: June 2026.

Explanation.

This GDPR Compliance Statement provides an overview of my commitment to protecting personal information in accordance with the UK General Data Protection Regulation, (UK GDPR), and the Data Protection Act 2018. It summarises the principles, safeguards and legal responsibilities which guide the handling of personal information within my professional practice.

Introduction.

I am committed to protecting the privacy, confidentiality and security of personal information entrusted to me in the course of providing counselling and psychotherapy services.

As a sole trader psychotherapist and counsellor, I comply with the requirements of the UK General Data Protection Regulation, (UK GDPR), the Data Protection Act 2018 and all applicable data protection legislation.

I am registered with the Information Commissioner's Office, (ICO).

The personal information I process may include:

  • Contact details.
  • Appointment information.
  • Counselling agreements and contracts.
  • Therapy records.
  • Mental health information.
  • Relevant medical information.
  • Risk and safeguarding information.
  • Communication records.

As part of my professional practice, I process special category data relating to health and mental health. Such information is handled lawfully, fairly and confidentially.

Information is collected only where necessary for:

  • Providing counselling and psychotherapy services.
  • Managing appointments and communications.
  • Meeting professional and ethical obligations.
  • Safeguarding and risk management.
  • Compliance with legal requirements.

Appropriate technical and organisational safeguards are maintained, including password-protected electronic records, secure storage systems and confidentiality procedures.

Information is retained only for as long as necessary to meet professional, ethical, insurance and legal obligations. Details of retention periods can be found in the Data Retention Policy.

Personal information will not normally be disclosed to third parties without consent unless:

  • Required by law.
  • Required by court order.
  • Necessary to protect someone from serious harm.
  • Required to fulfil safeguarding responsibilities.
  • Necessary for the establishment, exercise or defence of legal claims.

Individuals have rights under UK GDPR, including the right to access personal information held about them, request correction of inaccurate information and raise concerns regarding the processing of their data.

Questions regarding data protection may be directed to:

Sandra Mazili

hello@inneractioncounselling.co.uk

If concerns cannot be resolved directly, individuals may contact the Information Commissioner's Office, (ICO).

Accessibility.

If you require this document in an alternative format, please contact me and I will provide it in a format suitable to your accessibility needs.

Sandra Mazili, MNCPS, MBACP

Get in Touch