Privacy policy

This privacy policy explains how your personal information is collected, used, and stored at Sandra Logue Therapy. It reflects my commitment to privacy, confidentiality, and good data practice, in line with the UK General Data Protection Regulation (GDPR).

As a sole practitioner, I take the responsibility of looking after your information seriously. If you have any questions after reading this, please contact me using the details at the end.

Why I Collect Information

I collect and store personal information to provide safe, effective psychological assessment and therapy. This includes both general contact details and more sensitive ‘special category’ information, such as your mental health history and what you share in therapy sessions.

The lawful basis for collecting and processing your information is my legitimate interest as a registered therapist and because it is necessary for the delivery of healthcare. You are not obliged to share this information, but without it, I may not be able to provide therapy.

What I Collect

When you contact me or begin therapy, I may collect:

  • Your name, contact details, and date of birth

  • Emergency contact and GP details

  • Information about your current difficulties and relevant history

  • Notes from our sessions

  • Referral details (if referred by your GP, psychiatrist, or insurer)

How I Use Your Information

Your personal information is used to:

  • Respond to enquiries and communicate about appointments

  • Provide psychological therapy and support

  • Keep accurate clinical records

  • Comply with legal, regulatory, and professional obligations

  • Process invoices or insurance claims where relevant

Sharing Your Information

Your information will remain confidential and will only be shared:

  • If required by law (e.g., safeguarding or welfare concerns)

  • With your consent (e.g., sharing a report with your GP or insurer)

  • Within professional supervision (anonymised, with supervisors bound by confidentiality)

  • To process payment through secure systems if you use medical insurance

Clinical Will

In the unlikely event I become suddenly incapacitated or unable to continue working, a Clinical Will is in place. This means a trusted colleague may access your records temporarily to notify you and ensure continuity of care. This is a safeguard to protect your wellbeing and privacy.

Confidentiality

Therapy and personal information are kept securely. I discuss my clinical work in supervision with anonymised identities. Confidentiality may only be broken if safety or welfare concerns arise.

Digital Sessions

  • Remote therapy is conducted via Zoom, a secure, end-to-end encrypted platform.

  • With your consent, I may use Zoom AI Companion to assist in summarising key session themes. This AI tool operates fully within Zoom’s encrypted environment and does not share your data externally beyond your clinical record. Zoom’s privacy and security information can be accessed here: Zoom AI Privacy & Security.

  • You are responsible for ensuring a private, safe space during sessions.

How I Store and Use Your Information

  • Stored securely in digital formats only

  • Systems used: encrypted storage, GDPR-compliant platforms, password-protected devices, two-factor authentication

  • With your consent, notes may be summarised using Zoom AI Companion; no external parties access this, and your data is never used beyond clinical records

Information collected via emails, forms, or messages is also stored securely.

Retention of Records

  • Clinical and financial records are kept for 7 years following the end of therapy (or 7 years after age 18 if underage).

  • After this period, information is securely deleted.

Your Rights

You have the right to:

  • Access the information I hold about you

  • Request corrections if information is inaccurate or out of date

  • Request restriction or erasure of your data (unless legally required to retain it)

Requests can be made via email; responses will be provided within 30 days.

GPs and Other Professionals

It is useful to inform your GP or other professionals involved in your mental health care that you are commencing therapy.

Code of Ethics

I am accredited by the British Association for Behavioural and Cognitive Psychotherapies (BABCP) and operate under their code of ethics: BABCP Code of Ethics.

Data Breaches

Any breach of personal data will be reported to the Information Commissioner’s Office (ICO) within 72 hours, and affected individuals will be notified as appropriate.

Contact and Data Controller Information

Sandra Logue
Sandra Logue Therapy
Email: info@sandraloguetherapy.com

Please include "Privacy Query" in the subject line.

If unsatisfied with my response, you may contact the ICO: ico.org.uk.