RWC Logo 1.png

Privacy Policy

This privacy policy informs you how Rachel Wallis Counselling collects and processes your personal data collected from you through your interaction with us and this website - rachelwalliscounselling.com.
Rachel Wallis is the data controller and responsible for your personal data.

Introduction

This privacy policy notice is served by Rachel Wallis Counselling under the website; [www.rachelwalliscounselling.com]. The purpose of this policy is to explain to you how we control, process, handle and protect your personal information through the business and while you browse or use this website. If you do not agree to the following policy you may wish to cease viewing / using this website, and or refrain from submitting your personal data to us.

Policy key definitions

  • "I", "our", "us", or "we" refer to the business, Rachel Wallis Counselling.

  • "you", "the user" refer to the person(s) using this website.

  • GDPR means General Data Protection Act.

  • PECR means Privacy & Electronic Communications Regulation.

  • ICO means Information Commissioner's Office.

  • Cookies mean small files stored on a users computer or device.

Key principles of GDPR

Our privacy policy embodies the following key principles; (a) Lawfulness, fairness and transparency, (b) Purpose limitation, (c) Data minimisation, (d) Accuracy, (e) Storage limitation, (f) Integrity and confidence, (g) Accountability.

Your Individual Rights

Under the GDPR your rights are as follows. You can read more about your rights in details here;

  • the right to be informed;

  • the right of access;

  • the right to rectification;

  • the right to erasure;

  • the right to restrict processing;

  • the right to data portability;

  • the right to object; and

  • the right not to be subject to automated decision-making including profiling.

You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.

We handle subject access requests in accordance with the GDPR.

What Personal Data We Collect

Personal data means any information capable of identifying an individual. It does not include anonymised data. The types of data we may process about you are:

  • Personal details (such as your name, e-mail address and telephone number) which you provide by submitting an enquiry via the website, email or telephone.

  • Financial and transaction data such as payment card details, billing address, delivery address, details about payments to and from you and other details of services you have recieved from us.

  • How you use the website and any other information you post, e-mail or otherwise send to us.

  • IP addresses – we may collect information where available about your IP (internet protocol) address, operating system and browser type, plug-ins, time zone setting, location and other technology used on devices through which this site is accessed. This data provides us with information about users’ browsing actions and patterns. It is used to inform improvements to the Website and for internal system administration.

  • Marketing and communication data includes your preferences in receiving marketing from us and our third parties and your communication preferences. 

  • Profile Data including purchases or orders, your interests, preferences, feedback and survey responses as provided by you.

  • Usage Data may include information about how you use our website and services.

How We Collect Data

Personal data is collected through direct interactions and automated interactions or technologies.

Direct interactions: You may provide data by filling in forms on our site or by communicating with us by post, phone, email or otherwise, including when you:

  • inquire about or order products or services;

  • subscribe to our service or publications;

  • request resources or marketing be sent to you;

  • enter a promotion or survey; or give us feedback.

Automated technologies or interactions:  As you use our website, we may automatically collect Technical Data about your equipment, browsing actions and usage patterns. We collect this data by using cookies, server logs and similar technologies. We may also receive Technical Data about you if you visit other websites that use our cookies. Please see our cookie policy for further details.​

Internet Cookies

We use cookies on this website to provide you with a better user experience. Cookies are small text files on your device / computer hard drive which track how you use the website, record or log whether you have seen particular messages that we display, keep you logged into the website where applicable, display relevant adverts or content, referred you to a third party website. Some cookies are required to enjoy and use the full functionality of this website. Our site has a notification which informs visitors of cookies and requires your consent. Some cookies will be saved for specific time periods, where others may last indefinitely. Your web browser should provide you with the controls to manage and delete cookies from your device, please see your web browser options.

Our website uses Google Analytics, a service which transmits website traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage.

By using this website, you consent to the processing of data about you by Google in the manner described in Google’s Privacy Policy and for the purposes set out above. You can opt out of Google Analytics if you disable or refuse the cookie, disable JavaScript, or use the opt-out service provided by Google.

Data Security & Protection

We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.

Purposes for collecting and processing personal data

Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically using the following lawful bases.: 

Purpose: To establish and maintain contact with a client

Type of Data: Identity & contact details

Lawful Basis: Contractual Obligation

Purpose: To process and deliver counselling services including: manage payments, fees and charges, collect and recover money owed to us

Type of Data: Identity, contact details, financial, transactions.

Lawful Basis:  contractual obligation, necessary for our legitimate interests to recover debts owed to us.

Purpose: To deliver relevant content and advertisements to you and measure and understand the effectiveness of our advertising

Type of Data: Identity, contact details, profile , usage, marketing and communications, technical

Lawful Basis: Necessary for our legitimate interests to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy

Purpose: To manage our relationship with you which will include: notifying you about changes to our terms or privacy policy, asking you to leave a review, give feedback or or take a survey.

Type of Data: Identity, contact details, profile, marketing and communications.

Lawful Basis:  Contractual obligation, necessary to comply with a legal obligation, necessary for our legitimate interests to keep our records updated and to study how customers use our products/services.

Purpose: To administer and protect our business and our site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

Type of Data:  Identity, cookies, technical

Lawful Basis:  Necessary for our legitimate interests for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise, necessary to comply with a legal obligation

Purpose: To use data analytics to improve our website, products/services, marketing, customer relationships and experiences

Type of Data: Cookies, technical ,usage

Lawful Basis: Necessary for our legitimate interests to define types of clients for our services, to keep our site updated and relevant, to develop our business and to inform our marketing strategy

Purpose: To make suggestions and recommendations to you about  services that may be of interest to you

Type of Data:  Identity, contact details, technical, usage, profile

Lawful Basis: Necessary for our legitimate interests to develop our products/services and to grow our business

Purpose: To enable you to partake in feedback, review or complete a survey

Type of Data:  Identity, contact details, profile, usage, marketing and communications

Lawful Basis:  Necessary for our legitimate interests to study how clients use our products/services, to develop them and grow our business

Sharing your Personal Data

There are some circumstances in which we are required to share your personal data with other organisations or third parties.

These are:

  • Service providers who provide IT and system administration services.

  • Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.

  • HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances.

We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.

We will not share your personal data with any other organisation or third parties unless as set out in this privacy notice or by seeking your prior consent. An exception to this would be where we are required to share your personal data in accordance with law or any regulatory requirement to which Rachel Wallis Counselling is subject.

How long we store personal data

Your personal data  will be kept by Rachel Wallis Counselling for no longer than is necessary for the purpose we obtained it for including for the purposes of satisfying any legal, accounting, or reporting requirements. 

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.

You have the right to request that we delete any personal data belonging to you. In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Concerns

If you have any concerns about how your data is being stored and used in any way ,then in the first instance please contact Rachel Wallis, who is the data controller for Rachel Wallis Counselling. If you have any further concerns which are not addressed then you should contact Information Commissioner’s Office here.

 

Breaches

Rachel Wallis Counselling will report any data breach to the Information Commissioner, to National Counselling Society and to yourself within 72 hours if it becomes apparent that any data is stolen. Our data protection registration reference is A8508556.

 

Contact

If you wish to contact me with questions, concerns, complaints or requests for your information then please contact Rachel Wallis.