Privacy Policy

Gentle Spirit

Privacy Policy

I am committed to ensuring that your privacy is protected, that your personal data will be kept safe  and secure and will only be used for the purpose it was given to me. I adhere to current data protection legislation,  including the EU General Data Protection Regulation (GDPR), Data Protection Act 2018 and Electronic Communications  Regulations 2003.

This Privacy Policy explains the personal data  that I, Margaret Smith, hold about you and how I use it. 

I am registered with the Information Commissioner’s Office (ICO) as a Data Controller.

Why do I collect and use your information?

  • To respond to your enquiries and provide you with one of the services that I offer: Counselling, Psychotherapy, Mindfulness and Supervision.
  • To contact you about sessions, billing and appointments
  • To enable me to receive clinical supervision to support my work with you.
  • To keep important notes relevant to your counselling, psychotherapy, mindfulness or supervision.

 My lawful basis for holding and using your personal information.

The GDPR states that I must have a lawful basis for processing your personal data. There are different lawful bases  depending on the stage at which I am processing your data. I have explained these below:

If you have had therapy with me and it has now ended, I will use legitimate interest as my lawful basis for holding and using your personal information.

If you are currently having therapy or if you are in contact with me to consider therapy , I will process your personal data where it is necessary for the performance of our contract.

The GDPR also makes sure that I look after any sensitive information that you may disclose to me appropriately. This type of information is called ‘ special category personal information’. The lawful basis for me processing any special categories  of personal categories is that of the provision of health treatment (in this case, counselling, psychotherapy, mindfulness and supervision) and necessary for a contract with a health professional (in this case a contract between me and you).

The personal data I collect, how I use it and who I share it with.

 I collect and use the following information:

  • Your name, address, email address and telephone number
  • GP details
  • Medication relevant to mental health
  • A Copy of our Contract Agreement
  • Information relating to our work together.

I collect this information directly from you. For example when you fill in a contact form or share any information with me directly.

Records are kept up to date. I record only the minimum data needed for the purposes described above  and  anonymise the data I record whenever possible. I retain the your data for the minimum time necessary and do not transfer your data outside the UK. I use encryption and other security methods to safeguard your data  and I delete your data securely when no longer required.

I give a list of my clients’s names and contact details to my clinical executor. These details are password protected. She will be informed by my next-of-kin if I die or are suddenly taken ill and cannot contact you myself. She will then contact you and offer help as appropriate.

I would only share your data in the following circumstances:

  • In the event of disclosure of serious harm or risk to yourself or others, I may need to contact another professional such as your GP, mental health team or emergency services.
  • In the event that I am required to do so for legal reasons.
  • I may share your information with referring third parties for the purposes of provision of therapy and counselling sessions. I may disclose your information to referring third parties who you have entered into a contract with for my services.
  • In the event that I am incapacitated or of my death I have appointed a Clinical Executor who will have access to your details and be able to contact you.

How long I keep your data

  • I delete your contact details from my smart phone as soon as we have finished working together.
  • Notes of our sessions and a separate record of contact details are kept for seven years after we finish working together. They are then deleted securely.
  • Text messages, emails from devices and my webmail account are deleted within six months of them being sent, but any that I consider significant will be kept with my session notes for seven years after we finish working together.

Your rights

You have a number of rights with regards to your information. In some circumstances and where it will not result in harm to you, you can:

  • Ask me to delete your personal data, to limit how I use your personal data, or to stop processing your personal data
  • Access and obtain a copy of your information.
  • Request me to amend incorrect or incomplete personal data information

You can read more about your rights at

If you would like to exercise any of these rights, or put through a request for a copy of your data, please contact

How to Complain

If you do have any complaint about how I handle your personal data please do not hesitate to get in touch with me by emailing me at

If you wish to make a formal complaint about the way I have processed your personal data you can contact the ICO which is the statutory body that oversees data protection law in the UK.

The ICO’s address is:

Information Commissioners Office
Wycliffe House
Water Lane

Helpline number: 0303 123 1113

ICO website


Our Cookie Policy explains what cookies are and how we use them, the types of cookies we use i.e. the information we collect using cookies and how that information is used, and how to control the cookie preferences. For further information on how we use, store, and keep your personal data secure, see our Privacy Policy.

You can at any time change or withdraw your consent from the Cookie Declaration on our website

Learn more about who we are, how you can contact us, and how we process personal data in our Privacy Policy.

Your consent applies to the following domains: