This is the privacy notice of Lucy Hyde. In this notice, “I”, “me”, “my”, or “mine” refer to Lucy Hyde.
I am registered as the Data Controller for my business, with the Information Commissioner’s Office (ICO), registration number ZA306694.
- This is a notice to inform you of my policy about all information that I record about you. It sets out the conditions under which I may process any information that I collect from you, or that you provide to me. It covers information that could identify you (“personal information”) and information that could not. In the context of the law and this notice, “process” means collect, store, transfer, use or otherwise act on information.
- I regret that if there are one or more points below with which you are not happy, your only recourse is to leave my website immediately, and we will not be able to work together.
- I take seriously the protection of your privacy and confidentiality. I understand that all my clients and visitors to my website are entitled to know that their personal data will not be used for any purpose unintended by them, and that it will not accidentally fall into the hands of a third party.
- I undertake to preserve the confidentiality of all information you provide to me, and hope that you agree to preserve confidentiality in turn.
- My policy complies with UK law accordingly implemented, including that required by the EU General Data Protection Regulation (GDPR).
- The law requires me to tell you about your rights and my obligations to you in regards to the processing and control of your personal data. I do this now, by requesting that you read the information provided at knowyourprivacyrights
- Except as set out below, I do not share, or sell, or disclose to a third party, any information collected through my website or through our work together.
The bases on which I process information about you
The law requires me to determine under which of six defined bases I process different categories of your personal information, and to notify you of the basis for each category.
If a basis on which I process your personal information is no longer relevant then I shall immediately stop processing your data.
If the basis changes then if required by law I shall notify you of the change and of any new basis under which I have determined that I can continue to process your information.
1. Information I process because I have a contract with you
When you become my client, a contract is formed between you and me.
The service I provide to you as a client requires that you provide me with personal information.
I process this information on the basis there is a contract between us, or that you have requested I use the information before we enter into a legal contract.
Additionally, I may aggregate this information generally to use it to provide ‘class information’, for example to monitor the performance of a particular service I provide. If I use it for this purpose, you as an individual will not be personally identifiable.
I shall continue to process this information until the contract between us ends or is terminated by either party under the terms of the contract.
2. Information I process with your consent
Through certain actions when otherwise there is no contractual relationship between us, such as when you browse my website or ask me to provide you more information about my services, you provide your consent to me to process information that may be personal information.
Wherever possible, I aim to obtain your explicit consent to process this information.
Sometimes you might give your consent implicitly, such as when you write to me requesting a response.
Except where you have consented to my use of your information for a specific purpose, I do not use your information in any way that would identify you personally. I may aggregate it in a general way and use it to provide class information.
I continue to process your information on this basis until you withdraw your consent or it can be reasonably assumed that your consent no longer exists.
You may withdraw your consent at any time by writing to me at my registered office or by e-mail at . If you do so, I shall not be able to provide my services further.
3.Information I process for the purposes of legitimate interests
I may process information on the basis there is a legitimate interest, either to you or to me, of doing so.
Where I process your information on this basis, I do so after having given careful consideration to:
- whether I could achieve the same objective by other means
- whether processing (or not processing) might cause you harm
- whether you would expect me to process your data, and whether you would, in the round, consider it reasonable to do so
For example, I may process your data on this basis for the purposes of:
- record-keeping for the proper and necessary administration of my business
- protecting and asserting your rights, my rights, or the rights of any other third party
- insuring against or obtaining professional advice that is required to manage business risk
- protecting your interests where I believe I have a duty to do so
4. Information I process because I have a legal obligation
I am subject to the law like everyone else. Sometimes, I must process your information in order to comply with a statutory obligation.
I may be required to give information to legal authorities if they so request or if they have the proper authorisation such as a search warrant or court order. This may include your personal information.
Specific uses of information you provide to me
5. Information relating to your method of payment
Your debit or credit card number and other payment information is never taken by me or transferred to me either through my website or otherwise.
If you pay me by bank transfer, you may be identifiable by name in my bank account and statements.
6. Contacting me
When you contact me, whether by telephone, by post, through my website, via my social media page(s), by e-mail or via a professional directory, I collect the data you have given to me in order to reply with the information you need.
I may keep personally identifiable information associated with your message, such as your name and email address so as to be able to track my communications with you to provide a good service.
When I receive a complaint, I record all the information you have given to me.
I use that information to resolve your complaint.
If your complaint reasonably requires me to contact some other person, I may decide to give to that other person some of the information contained in your complaint. I do this as infrequently as possible, but it is a matter for my sole discretion as to whether I do give information, and if I do, what that information is.
I may also compile statistics showing information obtained from this source to assess the level of service I provide, but not in a way that could identify you or any other person.
If you complain about any of the content on my website or in any leaflet, I shall investigate your complaint. If I feel it is justified or if I believe the law requires me to do so, I shall remove the content while I investigate.
If I think your complaint is vexatious or without any basis, I shall not correspond with you about it.
Use of information I collect through automated systems when you visit my website
Cookies are small text files that are placed on your computer’s hard drive by your web browser when you visit any website. They allow information gathered on one web page to be stored until it is needed for use on another, allowing a website to provide you with a personalised experience and the website owner with statistics about how you use the website so that it can be improved.
Some cookies may last for a defined period of time, such as one day or until you close your browser. Others last indefinitely.
Your web browser should allow you to delete any you choose. It also should allow you to prevent or limit their use.
8.1. to track how you use my website
8.2. to record whether you have seen specific messages I display on my website
8.3. to keep you signed in my site
8.4. to record your answers to surveys and questionnaires on my site while you complete them
8.5. to record the conversation thread during a live chat
9. Personal identifiers from your browsing activity
My website is hosted by a hosting service, WordPress. Requests by your web browser may be recorded by that hosting service.
Information such as your geographical location, your Internet service provider and your IP address, may be recorded, as well as information about the software you are using to browse my website, such as the type of computer or device and the screen resolution.
This information is used in aggregate to assess the popularity of the webpages on my website and how I perform in providing content to you.
If combined with other information gained about you from previous visits, the data possibly could be used to identify you personally, even if you are not signed in to my website.
Disclosure and sharing of your information
10. Credit reference
To assist in combating fraud, I share information with credit reference agencies, so far as it relates to clients or customers who instruct their credit card issuer to cancel payment to me without having first provided an acceptable reason to me and given me the opportunity to refund money.
11. Therapeutic will
In the event of my death or incapacitation through illness, a nominated contact will receive the name and contact details only of any clients with whom I have a current counselling relationship, so that they can inform them.
12. Third party access to your information
Third parties may hold access to information gained through our communications together. This might include information gained through cookies or your browsing activity (as in points 8 and 9), information from phone contact between us, information about payments (as in point 5), and information derived from our work online via email and video-conference / instant messaging software. This will normally relate to times and durations of communication rather than content.
Access to your own information
13. Access to your personal information
13.1. At any time you may review or update or request that I remove personally identifiable information that I hold about you. To obtain a copy of any information that is not provided on my website you may send me a request at .
13.2. After receiving the request, I will tell you when I expect to provide you with the information, and whether I require any fee for providing it to you.
13.3. When I receive any request to access, edit or delete personal identifiable information I shall first take reasonable steps to verify your identity before granting you access or otherwise taking any action. This is important to safeguard your information.
14.2. If a dispute is not settled then I hope you will agree to attempt to resolve it by engaging in good faith with me in a process of mediation or arbitration.
14.3. If you are in any way dissatisfied about how I process your personal information, you have a right to lodge a complaint with the Information Commissioner’s Office. This can be done at ico.org.uk
15. Storage of information
15.1 I use third-party software to store client records in the cloud. This is where the majority of information you provide to me is kept, including your contact information, emergency contact, case notes, information from sessions, signed agreements, invoices etc.
15.2 I keep your email address in the video conferencing / messaging software, and in my email account. These are both cloud-based.
15.3 I keep your phone number in my mobile phone using your initials only; my phone data is backed up to the cloud.
16. Retention period for personal data
Except as otherwise mentioned in this privacy notice, I keep your personal information only for as long as required by me:
16.1. to provide you with the services you have requested;
16.2. to comply with other law, including for the period demanded by relevant tax authorities;
16.3. to support a claim or defence in court.
I normally retain client records for 5 years after the end of the counselling relationship, unless one of the points above would require me to keep them longer.
17. Compliance with the law
I may update this privacy notice from time to time as necessary. The terms that apply to you are those posted here on my website on the day you use my website. I advise you to print a copy for your records.