Privacy Policy | Treetops Counselling

Effective Date: January 2026

This privacy policy outlines how I collect, use, store, and protect your personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

⸻

1. Who I Am

I am Fiona MacKenzie, a registered psychotherapist based in the United Kingdom offering therapeutic services to clients in-person and online. I am registered with the British Association for Counselling and Psychotherapy (BACP), registration number: 240677

⸻

2. What Information I Collect

In order to provide psychotherapy services, I may collect the following personal information:

Full name
Date of birth
Contact details (address, email, phone number)
GP details (in case of emergency)
Relevant medical and mental health history
Session notes and records of communication
Emergency contact details
Payment information (if applicable)

⸻

3. How I Use Your Information

Your personal information is collected for the following purposes:

To provide you with psychotherapy, counselling and/or coaching services
To maintain accurate client records
To contact you regarding appointments
For safeguarding and emergency purposes
For lawful record-keeping and insurance purposes
To comply with legal or regulatory obligations

⸻

4. Lawful Basis for Processing

Under the UK GDPR, I rely on the following lawful bases for processing your personal data:

Contract: The data is necessary for me to fulfil the psychotherapy service agreement with you.
Consent: Where appropriate, I will ask for your explicit consent to hold or share certain data.
Legal obligation: I may process your data to comply with applicable legal and regulatory responsibilities.
Vital interests: In rare cases, to protect your life or the life of someone else
Legitimate interests: To maintain business records and manage professional obligations.

⸻

5. Confidentiality and Sharing of Data

Your information is kept confidential unless:

You give explicit consent for it to be shared.
I am required by law (e.g., serious risk to yourself or others, child protection concerns).
I am subpoenaed by a court of law.
It is discussed anonymously in clinical supervision (required for safe practice).

I do not share your data with third parties for marketing purposes.

⸻

6. How I Store Your Data

I store your data securely:

Electronic records are encrypted and password-protected.
Paper records (if any) are stored in a locked cabinet.
Emails are sent via secure platforms and are deleted after a reasonable period.
Online sessions are conducted via encrypted video platforms and are not recorded.

⸻

7. How Long I Keep Your Data

In accordance with professional guidelines, I retain your data for 7 years after the end of our work together (or until the client turns 25, whichever is later, if under 18), unless a longer retention period is required by law.

After this period, your data will be securely destroyed.

⸻

8. Your Rights

Under the UK GDPR, you have the following rights:

To access the personal data I hold about you
To request correction of inaccurate data
To request deletion of your data (where applicable)
To restrict or object to processing
To withdraw consent at any time (where applicable)
To lodge a complaint with the Information Commissioner’s Office (www.ico.org.uk)

⸻

9. Cookies and Website Privacy (if applicable)

If you access my services via a website, please refer to the website’s separate Cookie Policy for details on how cookies are used.

⸻

10. Contact Me

If you have any questions or concerns about how I handle your data, please contact:

Treetops Counselling

Email: hello@treetopscounselling.co.uk

⸻

Review and Updates

This policy will be reviewed regularly and updated as necessary to reflect changes in data protection law or my practice.