As a Solution Focused Hypnotherapist & Psychotherapist, it is essential that I gather some personal information from you before we begin therapy. I am committed to handling and storing this data in compliance with the General Data Protection Regulation (GDPR) and the Code of Ethics set by my professional bodies, the Association for Solution Focused Hypnotherapy (AfSFH) and the Complementary and Natural Healthcare Council (CNHC). I am also insured with Holistic Insurance Services.

My business, DLM Hypnotherapy, is registered with the Information Commissioner’s Office (ICO), and you can learn more about this at https://ico.org.uk/. As a sole trader, I am both the Data Controller and the Data Protection Officer.

While you are not legally obligated to provide any personal information, withholding it may affect my ability to work with you effectively.

What kind of personal information will I ask for? To provide you with a safe and effective service, I will need to gather the following information: your name, contact details, medical history, your GP contact details, social and family background, professional situation, lifestyle, hobbies and interests, as well as the specific issues you would like assistance with. This is all completely confidential.

This information helps me maintain continuity in our sessions and supports your progress toward achieving your goals. It also enables me to refer back to previous sessions and discussions. I will only use your contact details and GP's information with your explicit consent, except in one specific circumstance (see below).

Will you discuss information about me with other health and social care professionals? As a professional, I have a Duty of Care to my clients. If I have reason to believe that you may harm yourself or others, I may be required to break confidentiality. In such a case, I would need to notify your GP or the relevant authorities. I will always strive to discuss this with you before taking any action. Additionally, if required by law, I may have to provide information to the police in accordance with a warrant or court order.

How will my Data be stored? Paper Session Notes – These are securely digitized and stored electronically before being destroyed. All notes are kept in a secure folder protected by a strong password on a password-protected computer. Text Messages – My phone is secured with a PIN code and biometrics. Emails – My email account is protected by two-step verification. Electronic Documents – Any electronic documents containing personal or sensitive information, such as a letter to your GP or an invoice, are password-protected and stored on a computer that is also password-protected.

How long will you store my Data? I am a member of the CNHC and the AfSFH, which requires me to retain your data for 8 years following your final session. If you are a child, I must keep your data until your 25th birthday, or until your 26th birthday if treatment ends when you are 17. All records will be deleted in the January following the end of the applicable retention period. This complies with NHS regulations for data retention.

What if I don't want you to hold onto my records that long? I am professionally required to retain certain data, particularly session notes and any communication related to our work together. You may request that these be anonymized, and I can remove all identifying information from my systems. In such cases, identifying details will be deleted, and the documents will be stored using coded filenames. Requests for account deletion or anonymization can be sent via email to [email protected], and this service is provided at no charge.

Can I see or get a copy of the information held by DLM Hypnotherapy? In accordance with GDPR, if you submit a written request specifying the data you would like to access, I will provide you with a copy of your data within 30 days. Before sending the information, I will need to verify your identity. This service is provided at no cost. Please be aware that my insurance company's legal team may need to verify any information I release.

Is what we discuss confidential? Everything you share with me during our sessions is kept strictly confidential. As a Hypnotherapist, to ensure I am providing effective support and receiving the proper guidance, I may discuss aspects of our sessions with my Supervisor. However, I will never disclose any identifying details, and my Supervisor also complies with GDPR regulations.

What if I see you outside of a session? If we happen to see each other outside of a session, I may smile and greet you but will not engage in further conversation to protect your confidentiality. However, if you wish to discuss your therapy with others, that is entirely your choice, and you are welcome to do so.

How does it work if I live overseas? Our sessions will remain the same, as my insurance covers me working remotely with clients worldwide. However, my policy is subject to Scottish Law with the Exclusive Jurisdiction of the Courts of the United Kingdom, therefore any claims against me will be subject to Scottish Law.

What if I need to cancel a session? Life can sometimes present unexpected situations or emergencies, and I completely understand that. I’m more than happy to reschedule or cancel provided I have 24 – 48 hours notice. Less than 24 hours notice, I reserve the right to charge full price for a missed session. As I work with many clients, I kindly ask that you respect both my time and the commitment you've made to the sessions. Hypnotherapy requires trust and dedication to weekly sessions in order to be effective, therefore if cancellations become frequent, I may need to discontinue our work together.

Who is the Data Controller and what is their ICO Registration number? The Data Controller is Dee Muchmore, trading name DLM Hypnotherapy. My ICO Registration number is: ZB829017.