Service Privacy Policy & Disclaimer

Please read this Privacy Policy & Disclaimer carefully before your Hypnotherapy treatment.

This document sets out the parameters within which Susan Hales Hypnotherapy & Coaching acquires, controls, stores, uses and disposes of any personal data, in line with General Data Protection Regulation (GDPR) requirements.

Susan Hales Hypnotherapy & Coaching takes your privacy very seriously and treats all your personal information as confidential. “Personal information” is information through which you can be directly or indirectly identified e.g. your name or email address. Susan Hales Hypnotherapy & Coaching strictly adheres to the requirements of the data protection legislation in the UK.

Susan Hales Hypnotherapy & Coaching does not sell, rent or exchange your personal information with any third party for commercial reasons, beyond the essential requirement for credit/debit card validation during payment of sessions. Susan Hales Hypnotherapy & Coaching follows strict security procedures in the storage and disclosure of information, which you have given us, to prevent unauthorised access in accordance with the UK data protection legislation.

WHAT IS GDPR?

“General Data Protection Regulation (GDPR) is, essentially, an upgraded version of the existing Data Protection Act legislation”

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). The GDPR sets out the principles for data management and the rights of the individual. The General Data Protection Regulation covers all companies that deal with data of EU citizens. GDPR came into effect across the EU on May 25, 2018 (Information Commissioner’s Office).

THE PERSONAL DATA INFORMATION SUSAN HALES HYPNOTHERAPY & COACHING HOLDS

As an organisation, due to the nature of the therapy services offered, Susan Hales Hypnotherapy & Coaching holds a moderate level of identifiable personal data including such data as is categorised under GDPR as ‘Special Category Data’.

Under GDPR, personal data is defined as “any information relating to an identified or identifiable natural person”. Special Category data is highlighted as sensitive and therefore needs more protection. Special Category data can include details of:

  • Race

  • Ethnic origin

  • Politics

  • Religion

  • Trade union membership

  • Genetics

  • Biometrics (where used for ID purposes)

  • Health

  • Sex life

  • Sexual orientation

It is viewed as sensitive as, in particular, this type of data could create more significant risks to a person’s fundamental rights and freedoms, for example by putting them at risk of unlawful discrimination.

THE PERSONAL DATA INFORMATION 

Susan Hales Hypnotherapy & Coaching holds the following client information:

  • Name, address and contact details including email address and telephone number

  • Issues which the client is presenting/details of problems with which the client requires help

  • Personal history including family details

  • Medical history and medication record

  • Record of progress through therapy

Susan Hales Hypnotherapy & Coaching understands that client consent for treatment is not the same as GDPR consent. In the healthcare sector, client data is held under a duty of confidence. Susan Hales Hypnotherapy & Coaching operates on the basis of implied consent to use client data provided, for the purposes of direct therapy treatment, without breaching confidentiality.

HOW SUSAN HALES HYPNOTHERAPY & COACHING ACQUIRES THIS INFORMATION

  • Via the contact form on www.hypno.co.uk

  • Via the newsletter sign-up form on www.hypno.co.uk

  • Via the consultation sign-up form on www.hypno.co.uk

  • At the initial consultation, in person, by email or by telephone

  • Through in-person therapy sessions

  • Through Skype therapy sessions

WHO SUSAN HALES HYPNOTHERAPY & COACHING SHARES THIS INFORMATION WITH

In line with Susan Hales Hypnotherapy & Coaching ICO registration statement, Susan Hales Hypnotherapy & Coaching sometimes needs to share the personal information it processes with the individual and also with other organisations. Where this is necessary, Susan Hales Hypnotherapy & Coaching is required to comply with all aspects of the Data Protection Act (DPA).

The following is a description of the types of organisations Susan Hales Hypnotherapy & Coaching may need to share some of the personal information with, that is processes, for one or more reasons:

  • Family, associates and representatives of the person whose personal data Hypnotherapy with Nick holds (if dealing with children, for example)

  • Client’s GP or medical/healthcare consultant etc. (in circumstances where this may be appropriate for those health professionals to know)

  • Central government, police forces and security services (if applicable lawful request made)

THE LAWFUL BASIS FOR PROCESSING PERSONAL DATA

Susan Hales Hypnotherapy & Coaching holds personal data as described above, to enable it to:

  • Contact clients signing-up for a free consultation via www.hypno.co.uk

  • Provide information on hypnotherapy, offers, tips, products and more to clients signing-up to Be in the Know via www.hypno.co.uk

  • Conduct an assessment for clients who request help with treatment

  • Provide therapy sessions relevant to those clients

  • Track progress through therapy for clients

  • Assess therapy ‘end-point’ in conjunction with clients

The lawful basis for processing this data is defined under Article 9(2) of the GDPR:

Processing is carried out in the course of its legitimate activities with appropriate safeguards by a foundation, association or any other not-for-profit body with a political, philosophical, religious or trade union aim and on condition that the processing relates solely to the members or to former members of the body or to persons who have regular contact with it in connection with its purposes and that the personal data are not disclosed outside that body without the consent of the data subjects.

CONSENT

Susan Hales Hypnotherapy & Coaching understands that whilst the holding of sensitive client data is lawful, and is held under a duty of confidence in terms of therapy/treatment, consent to process personal data electronically, or for marketing purposes, must be:

  • Freely given

  • Specific

  • Informed

  • Unambiguous

Susan Hales Hypnotherapy & Coaching understands that holding client data for treatment purposes and GDPR consent are not related. GDPR consent is not a pre-condition for therapy/treatment.

Susan Hales Hypnotherapy & Coaching understands the need for positive opt-in and that consent cannot be inferred from silence, pre-ticked boxes or inactivity. A quick, easy ‘unsubscribe’ link on our email marketing communications will always be provided. Susan Hales Hypnotherapy & Coaching has also expressly advised its entire marketing database that they can continue to hear from Susan Hales Hypnotherapy & Coaching by actively ‘opting-in’ to clarify that they agree with this.

DATA SECURITY AND RETENTION POLICY

Susan Hales Hypnotherapy & Coaching's  IT system is backed up continuously. There is an active security policy in place to ensure that all data is backed up and held in a safe, confidential environment, including a secure, password protected, encrypted file. Susan Hales Hypnotherapy & Coaching's  laptops have an activated encryption function in the event of theft/misuse.

Personal data is held for a minimum of 5 (five) years, and an average maximum of 8 (eight) years, in line with NHS and healthcare industry guidelines, after which time it will be destroyed.

INDIVIDUAL’S RIGHTS

Under GDPR, Susan Hales Hypnotherapy & Coaching acknowledges the following rights of the individual, in respect of any personal data that we hold:

  • The right to be informed

  • The right of access

  • The right to rectification

  • The right to erasure

  • The right to restrict processing

  • The right to data portability

  • The right to object

  • The right not to be subject to automated decision-making including profiling

SUBJECT ACCESS REQUESTS

As outlined in GDPR guidelines, Susan Hales Hypnotherapy & Coaching will respond to and comply with all subject access requests within one month.

If it is felt that the individual’s request is manifestly unfounded or excessive, Susan Hales Hypnotherapy & Coaching reserves the right to refuse or to make a charge.

If any requests are refused on the above grounds, Susan Hales Hypnotherapy & Coaching will tell the individual why and inform them that they have the right to complain to the supervisory authority and to a judicial remedy – this will be done within one month of the request.

COMMUNICATION OF PRIVACY INFORMATION

Susan Hales Hypnotherapy & Coaching is communicating its privacy policy via this document which is, and will be, available at all times on www.susanhales.com.

If you would like to discuss any aspect of this document, please contact:

Susan Hales

+23058147588

contact@susanhales.com

Subject access requests should be submitted in writing to:

Susan Hales
Susan Hales Hypnotherapy & Coaching
27 Matala Estate
Mauritius
00100

Disclaimer 

This treatment is not intended to replace a consultation with your GP or other health care professional. The information provided by Susan Hales Hypnotherapy & Coaching should not be considered as medical advice. If you have any doubts or concerns about your health, you should seek advice from a medical doctor.

 

Cures

A well-motivated client is very likely to achieve realistic goals. However, it is unethical to guarantee a cure. The control of thoughts, beliefs, emotions and behaviours always reside within the client. No patient is “made” to do anything against their will using hypnosis.

Susan Hales Hypnotherapy & Coaching guarantees to apply her training, expertise and experience to your issues with the aim of achieving agreed goals in as reasonable time as possible. Estimates of the number of sessions required to treat a condition given at the enquiry stage or during the first consultation, are given on the basis of the information presented at that time.

Estimates are also made on the basis of treatment being given to previous patients with differing case histories. Hence each patient and the causes of their condition are unique. Estimates are only rough guidelines and are subject to change.

EXTRA 'RESULT ORIENTATED' Hypnotherapy sessions out-with the 'Hypnotherapy Block Of Sessions' as agreed upon are provided at no extra cost to the client up to and including  a maximum of TWO extra hypnotherapy sessions. Any session requested beyond this number will be at the clients expense. 

ONE presented issue will be treated per block of hypnotherapy sessions only. If you have more than one issue, then further blocks of sessions will be required.