Privacy & Confidentiality Policy

---

Luisa Passalacqua offers counselling and coaching services as Alexa Carenati Ltd. The following summarises Alexa Carenati’s policies on data handling for third party information, and client confidentiality. Note additionally that Luisa Passalacqua works within and is bound by the ethical policies of the ACCPH, the NCS and the BACP.

DEALING WITH PERSONAL INFORMATION

Alexa Carenati Ltd takes the security of third-party data very seriously. Any information held will be kept safe and secure and will only be used for the purpose it was given only for as long as we have your permission, and will be erased after 7 years, unless a legal case requires access to it, in which case it will only be kept in our systems until the case is settled.

Alexa Carenati Ltd adheres to current UK data protection legislation and complies with the ICO (Information Commissioner's Office) for organisations (https://ico.org.uk/for-organisations): registration certificate reference number is ZB003467.

The Privacy Policy states that there must be a lawful basis for processing personal data. There are different lawful bases depending on the stage at which data is processed. These are:

- Legitimate interest - applicable both before and after the end of the delivery of the service, for instance for those service users (clients) and other interested parties who subscribe to Alexa Carenati's mailing lists, etc.;

- Performance of the contract - applicable during the delivery of the service, to ensure that the service contracted for is delivered.    

For potential clients and other interested parties who subscribe to Alexa Carenati’s mailing list, email addresses are stored.  Individuals receiving Alexa Carenati’s updates retain the option to unsubscribe at any time.  The following types of information are retained about clients in particular:

- Name, email address, telephone number - these are collected when the initial session is arranged, or at the first or second session;

- Address, payment details (if applicable) - these are collected at the first or second session;

- Notes on risk - Alexa Carenati Ltd keeps minimal notes on sessions only pertaining to risk (e.g. potential of threat to life of client or others, etc.). These notes are brief, anonymised and stored electronically;

- Written communications - including introductory messages sent to the client (stored electronically), and any text messages exchanged with the practitioner.

All third-party data is stored securely on Alexa Carenati’s user-specific, password-protected 3rd-party cloud-based computer servers. No personal information relating to clients is downloaded and stored on electronic devices, with the exception of the client’s telephone number and any text messages exchanged with the practitioner that are recorded on the practitioner's password-protected telephone.

The client’s personal information is retained for a period of 7 years after the cessation of the service.  After this date, all data that does not pertain to financial aspects will be deleted, with the exception of email addresses if the client has subscribed to Alexa Carenati’s mailing lists.  Data relating to financial aspects (e.g. invoices raised and settled that would refer to the client’s name and address) are retained indefinitely within Alexa Carenati’s secure, user-specific, password-protected, 3rd party accounting system.

Third-parties have the right to ask that:

- Their personal information is deleted;

- The use of their personal information is limited;

- The processing of their personal information is stopped;

- They have a copy of their personal information.

Requests are to be made via email to Alexa Carenati Ltd at luisa.alexa@gmail.com. The client can read more about their rights at ico.org.uk/your-data-matters. Additionally, complaints on the handling of personal information can be made to the professional or to Alexa Carenati Ltd at the above email address or the ICO at ico.org.uk/make-a-complaint.

CLIENT CONFIDENTIALITY

The service offered is entirely confidential between the practitioner and client, with the exception of the following:

- Confidentiality may be broken at the client’s request;

- The practitioner may discuss important issues regarding the sessions, with their clinical supervisor (a suitably experienced and qualified practitioner) to ensure robust clinical oversight and to provide the best possible service to clients. Any such discussions omit personally-identifiable details, and the supervisor is nevertheless equally bound by confidentiality;

- If the practitioner has reason to believe that the safety of the client or someone else is at risk they may involve the relevant authorities. This is particularly the case if a child or vulnerable adult is deemed to be at risk of harm.  If at all possible the practitioner will seek to discuss any such disclosure beforehand with the client;

- The therapist may break confidentiality if required to do so by law or on the order of the court.  Explicitly, if the client discloses to the therapist conduct related to terrorism, drug trafficking or recent instances of driving under the influence of drink or drugs, the therapist must disclose this to the relevant authority;

- In the case of an unforeseen incident occurring to the practitioner such that they are incapacitated, another colleague will gain access to the client’s contact details in order to inform them of the situation and potentially make alternative arrangements for therapy.