Privacy

Introduction

The Harbour (the ‘data controller’, referred to below as “us” or “we”) is committed to protecting your privacy. Please read the following in order to learn more about our privacy policy and our information collection and use practices.

This policy only applies to data collected by our staff, and via our own forms and website. Third party agents, and websites which are linked to ours, are not covered by this policy. If you have any queries concerning your personal information or any questions on our use of the information, please contact the Director using our contact form.

When you request counselling with The Harbour, or become an employee, volunteer or trainee therapist with The Harbour, or otherwise provide your personal details to us, you will be asked to consent to our processing of your data under the terms of this policy.

What information do we collect?

Requests for counselling services (“self-referrals”) – Requesting access to our services can be done online, on paper or in person over the telephone. As part of this process you must provide us with your name, address, telephone numbers, email address, date of birth, and name of your GP and GP surgery. We will also request information on your availability, your reasons for requesting our services, and other details which we deem relevant to processing your request.

Assessment Appointments – Before your assessment we will ask you to complete a Client Information Form, which gathers more information about you (eg. Emergency contacts, your state of mind and what you hope to get out of counselling at The Harbour). We also ask you to complete an Equalities Monitoring Form to help us understand more about who accesses our service. At the assessment appointment we ask about your current personal, social, and medical circumstances. We may also ask about your background and family history, as well as the issues which are affecting you now. We require this information so that we can decide about our offer of counselling to you, to assign you to a counsellor, and to manage the service we provide to you.

Trainee Therapists and Volunteers – Counsellors, receptionists and other volunteers may apply for placements by form, letter, or email. They may also be interviewed. We may ask about your background, qualifications, experience, and professional memberships. We also ask for your name, address, telephone numbers, email address, and address and telephone details for referees and people we may need to contact for you in emergencies.

Employment – In order to apply for job opportunities advertised on our website and elsewhere, and to become an employee of the charity, you will be required to provide your contact details and other personal information contained in your CV (such as employment history and qualifications), as well as contact details of referees. This information is only processed for the purpose of considering your job application, making any offer of employment, and administering your contract of employment.

Donors – The information you give us when making a donation may include your name, postal address, email address, phone number, amount donated, Gift Aid status, and messages.

Web systems – We collect anonymous data using Google Analytics relating to how people use our website and ‘web traffic’ statistics using ‘cookies’. A cookie is a small file which is placed on your computer’s hard drive from our website. Our website uses cookies to analyse website traffic only using Google Analytics.

If you want to prevent this tracking as an anonymous user of the site you can either set your browser up to send Do-Not-Track headers; see the Firefox, Safari and Internet Explorer instructions or install the Ghostery plugin, which available for Firefox, Safari, Google Chrome and Internet Explorer and which has an option to block Google Analytics. All of our activity falls within the bounds of the Google Analytics Terms of Service.

We use an online service called MailChimp to send our newsletter. It handles all of the data we need for this. Mailchimp is part of The EU-US data privacy shield agreement, and is fully compliant with the General Data Protection Regulation – you can read more in the Mailchimp Privacy Statement.

You can subscribe to the newsletter using the subscription form on our site, and we will transfer email addresses from consenting users from other services. By completing the subscription form (and ticking the privacy policy option), we assume that you are consenting to receive email newsletters from us.

You can unsubscribe from the newsletter at any time and remove your data completely by following the unsubscribe link in every newsletter, or contact us and we will do it for you.

Other Forms – The information you give us on our forms (including all enquiry and application forms) may include your name, postal address, email address, phone number and other messages to us.

What do we use your information for?

We use information held about you in the following ways:

  • To provide clients with the professional counselling service requested from us.
  • To enable us to offer appropriate opportunities and support to our counsellors, receptionists and other volunteers.
  • To offer suitable counselling appointments, and to allocate clients and counsellors for counselling.
  • To notify you about changes to your appointments and other changes to our services.
  • To seek feedback from you on your experience of counselling with us.
  • To improve our service to ensure that it is provided in the most effective manner for you and for us.
  • To administer our service, including the arrangement of appointments, the handling of donations, and for financial control, data analysis, research, statistical and survey purposes.
  • To keep in touch with those who consent to this, for the purposes of organisational, service and professional development.
  • To fulfil our administrative, legal and contractual obligations as an employer.

What information do we share?

We will not share any information about you with other organisations or people, except in the following situations:

  • Consent – We may share your information with professional carers, support workers or others whom you have requested or agreed we should contact.
  • Serious harm – We may share your information with the relevant authorities if we have reason to believe that this may prevent serious harm being caused to you or another person. When possible we will discuss this with you first before we do this.
  • Compliance with law – We may share your information where we are required to by law or by the regulations and other rules to which we are subject.
  • It is necessary to provide your employee details to our payroll management company.
  • As part of the backups of encrypted data processed and held by professional IT security companies.

How do we keep your information safe?

All information you provide to us is stored as securely as possible. All paper forms and correspondence are kept in locked filing cabinets on our premises. All electronic records are stored on our own CiviCRM database, all access to which requires password-protected authentication, or by reputable service providers using secure internet ‘cloud’ technology.

Unfortunately, the transmission of information via the internet is never completely secure. Although we will do our best to protect your information using industry-standard protocols and encryption, we cannot guarantee the security of your data transmitted to us via email, including forms completed on our website which are transmitted by email; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Retention of records

Client notes and other documentation relating to clinical work are destroyed 7 years after the end of counselling sessions. Gift Aid declarations are destroyed/deleted after 7 years.

Your rights

You have the right to ask us to provide a copy of the information held by us in our records. You also have the right to require us to correct any inaccuracies in your information. If you would like to do this, please Data Protection Officer or Clinical Lead using the contact details below.

In the event of a request to view your records, we will invite you to do so at a meeting with the Clinical Lead, or another member of staff from The Harbour.

You may withdraw your consent for us to hold and process your data at any time and the database administrator will remove your records and confirm when it is done.

However, if you do this while actively receiving counselling at The Harbour, your counselling would have to end. You can withdraw your consent by submitting our Consent Withdrawal Form, or by contacting the Data Protection Officer by email via info@the-harbour.org.uk, or in writing to:

Data Protection Officer
The Harbour
30 Frogmore Street
Bristol
BS1 5NA

Changes to this policy

We may edit this policy from time to time. If we make any substantial changes we will notify you by posting a prominent announcement on our website.