Effective Date: 15.09.2025 Reviewed: 23.10.2025
1. Introduction
This Privacy Policy explains how I collect, use, store, and share personal information in line with the UK General Data Protection Regulation (GDPR). It applies to all counselling services provided both online and in person.
I am committed to protecting your privacy and handling your information with transparency and care.
Data Controller: Vasiliki Krikona / languageofself
Contact: Vasiliki.counselling@gmail.com|
2. The Lawful Basis for Holding and Using Your Information
Under the GDPR, the lawful basis for processing your personal data is “legitimate interest.” This means I need to process information in order to provide you with counselling services safely and effectively.
In some cases, I may also rely on “legal obligation” (e.g. for record keeping, safeguarding, or compliance with professional or ethical standards).
3. What Data I Collect and Why
I collect and store the following types of information:
– Personal details – name, contact information (for identification and communication).
– Emergency contact details – to ensure safety and wellbeing during sessions.
– GP or healthcare provider details – where relevant, for safeguarding or emergency situations.
– Session notes – brief factual notes to support therapeutic work.
– Email correspondence and scheduling information – to manage appointments and communication.
– Payment information – records of payment received (no card details are stored directly).
This information is collected solely for the purposes of providing professional counselling services and maintaining appropriate records.
4. How I Store and Protect Your Data
– Paper records (if used) are kept securely in a locked cabinet.
– Digital records are stored on password-protected, encrypted devices or secure cloud services.
– Emails and online communications are handled using secure, reputable providers.
– Online sessions are conducted via end-to-end encrypted platforms (e.g. Google Meet, Microsoft Teams, doxy.me).
Access to your information is restricted to me (the counsellor) and, where necessary, relevant regulatory or professional bodies if legally required.
5. How Long I Keep Your Records
In accordance with professional and legal guidelines, I retain client records for up to 7 years after the end of our work together (or 7 years after a minor turns 18). After this period, all records are securely destroyed (shredded or permanently deleted).
6. Sharing of Information
Your information will remain confidential unless there is a legal or ethical requirement to share it.
I may share information if:
– There is a serious risk of harm to yourself or others.
– I am legally required to disclose information (e.g. by a court order).
– You give explicit consent for information to be shared (e.g. referral to another professional).
I will always aim to discuss this with you first where possible.
7. Your Rights
Under the GDPR, you have the following rights:
– Access: You can request a copy of the personal information I hold about you.
– Rectification: You can ask me to correct inaccurate or incomplete information.
– Erasure: You can request that I delete your personal data (subject to legal or professional obligations).
– Restriction and Objection: You can request limits on how I use your data.
– Data Portability: You can request a copy of your data in a portable format.
To exercise any of these rights, please contact me using the details above.
8. Complaints and Contact Information
If you have any concerns about how your data is handled, please contact me directly.
If you are not satisfied with my response, you have the right to complain to:
Information Commissioner’s Office (ICO)
Website: https://ico.org.uk/concerns/
Telephone: 0303 123 1113
9. Updates to This Policy
This policy may be updated periodically to reflect changes in legal or professional requirements. The latest version will always be available on my website or upon request.
Language of Self 