top of page

​​​

 

Privacy Policy


Last Updated: 15/03/2025

​

Greenwood Clinical Psychology is committed to protecting your privacy and ensuring that your personal data is handled in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws. This Privacy Policy explains how your personal data is collected, used, stored, and protected when you engage with Greenwood Clinical Psychology private psychological therapy services. It is assumed that by using this service, you are consenting to records being kept.

​

1. Who We Are

Greenwood Clinical Psychology is a private clinical psychology practice based in Bristol. It provides psychological therapy services in accordance with ethical and legal standards.

If you have any questions about this Privacy Policy or your data, you can contact us at:

Greenwood Clinical Psychology
Email: greenwoodclinicalpsychology@protonmail.com

The Data Controller is Dr Hannah Greenwood-Murry, whom is registered with the Information Commissioners Office (ICO) https://ico.org.uk.

​

2. What Data We Collect

We may collect and process the following types of personal data:

​

2.1 Personal Identifiable Information (PII)

  • Full name

  • Date of birth

  • Contact details (address, phone number, email, video conference ID)

​

2.2 Health and Therapy-Related Information

  • Medical history relevant to therapy

  • GP contact details

  • Signed therapy contract agreement

  • Written records relating to assessment and therapy (including therapy session notes, letters, reports, outcome measures, diagrams).

  • If you are referred via a health insurance provider or other agency, personal data provided by that agency will also be collected and processed, as needed to provide a therapy service.

  • Any other information you provide during therapy sessions

​

2.3 Administrative and Payment Information

  • Payment details (processed securely via bank transfer)

  • Billing information

​

2.4 Technical Information

  • Browser name, type of computer and technical information about users means of connection to the website

  • IP address

  • Website usage data (via cookies, see Section 8)

​

3. How We Collect Your Data

​

We collect personal data through:

  • Direct interactions (e.g., when you contact us, complete forms, or attend therapy)

  • Referrals (with your consent)

  • Our website (via cookies or contact forms)

  • Telephone or email correspondence

​

4. Legal Basis for Processing Data

​

We only process personal data where we have a legal basis, including:

  • Consent – When you agree to us collecting and processing your data (e.g., therapy sessions, referrals).

  • Contractual Obligation – When processing is necessary to provide our therapy services.

  • Legal Obligation – When we must comply with legal or regulatory requirements (e.g., risk safeguarding concerns).

  • Legitimate Interest – When processing is necessary in order to provide psychological assessment and therapy services.

​

5. How We Use Your Data

​

We use your personal data to:

  • Provide psychological assessment and therapy services

  • Respond to queries

  • Assess and improve our services

  • Manage bookings and payments

  • Communicate with you regarding appointments or therapy-related matters

  • Comply with legal, regulatory, or ethical obligations

​

If you do not provide the personal information requested, we may be unable to provide a service to you.

​

6. Confidentiality and Data Sharing

​

We respect your privacy and confidentiality. Your personal data will not be shared without your consent, except in the following situations:

  • Legal Requirements – If we are legally required to disclose information (e.g., safeguarding concerns, court orders, information related to acts of terrorism, drug trafficking and money laundering)

  • Risk and Safeguarding purposes – If we believe there is a risk of harm to you or someone else. We will discuss such disclosures with you first, unless there are concerns that doing so could increase the risk to you or someone else.

  • Supervision – As part of ethical best practices, we may discuss cases (anonymously) with a professional supervisor.

  • Your data and information will never be sold to others.

​

If you are funding assessment or therapy via a health insurance provider, required information may need to be shared with the insurance provider to facilitate this, such as appointment schedules or treatment updates.

​

7. Data Retention

​

We retain your personal data only for as long as necessary to:

  • Provide psychological assessment and therapy services

  • Comply with legal and ethical obligations (e.g., professional record-keeping guidelines)

  • ​

In line with this, adult therapy records are kept for 7 years after the last contact with the service, unless a longer retention period is required by law. After this, your data is securely deleted.

​

8. Your Rights Under GDPR

​

Under the UK GDPR, you have the following rights regarding your personal data:

  • Right to Access – You can request a copy of the personal data we hold about you.

  • Right to Rectification – You can ask us to correct inaccurate or incomplete data.

  • Right to Erasure ("Right to be Forgotten") – You can request deletion of your data, subject to legal, ethical, or professional record keeping requirements.

  • Right to Restrict Processing – You can ask us to limit how we use your data.

  • Right to Data Portability – You can request your data in a machine-readable format for transfer to another service provider.

  • Right to Object – You can object to certain types of data processing.

  • Right to Withdraw Consent – If we rely on your consent to process data, you can withdraw it at any time.

​

To exercise these rights, contact us at greenwoodclinicalpsychology@protonmail.com.

​

If you are unsatisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
Website: https://ico.org.uk
Helpline: 0303 123 1113

​

9. Data Security

​

We implement appropriate security measures to protect your personal data, including:

  • Storage of personal information and records in a secure cloud drive, with end-to-end encryption. Access to the drive is password protected and two factor authentication enabled.

  • Secure email system which uses encryption via Proton Mail. Attachments sent with sensitive personal information will be password protected. Access to this email account is through two factor authentication. 

​

While we take all reasonable precautions, no system can be 100% secure. If we experience a data breach that affects you, we will notify you in accordance with legal requirements.

​

10. Use of Cookies

​

Our website may use essential cookies. You can manage cookie settings in your browser.

​

11. Changes to This Privacy Policy

​

We may update this Privacy Policy periodically. The latest version will always be available on our website. If changes are significant, we will notify you directly.

​

If you have any questions about this Privacy Policy, please contact us at greenwoodclinicalpsychology@protonmail.com.

bottom of page