Privacy Statement & Data Protection

I am registered with the ICO (Information Commissioners Office) which means I need to tell you what data I am collecting from you and what I intend to do with it.

Nicola Wainer Psychotherapist and Psychodynamic Counsellor is committed to protecting and respecting your privacy.
The only place your data will be collected is through the contact form – which is SSL protected so fully encrypted, as is the rest of my website.

If you do decide to come to therapy with me, then I will also hold your personal data in the form of a Contact Details form which I will ask you to sign as an agreement of the terms and conditions of the therapeutic relationship.

This policy, therefore sets out the basis on which any personal data I collect from you, or that you provide to me, will be processed by me.

Please read the following carefully to understand my views and practices regarding your personal data and how I will treat it. By visiting, you are accepting and consenting to the practices described in this policy.

For the purpose of the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679)) , the data controller is Nicola Wainer (address available on request).

What data do I keep and why do I need it?
Name and age :- this is basic information that helps me get to know you.
Address, email address, phone number :- I use this as a way of contacting you regarding your sessions. I will mainly use the method you first contacted me on but if I can’t reach you I will try a different method.
Doctors details :-If I was worried that you were at risk then I may need to contact your doctor, if I could I would tell you I was going to do this.

Will I share your data and if I do who will I share it with and for what purpose?
It is very unlikely I will share your data. I will not sell it on or use it for unethical reasons
I may have to share it if my notes are subpoenaed by court, if you or anyone you tell me about, is at harm or risk of harm I may have to pass this information on to your GP or the police.  I have also appointed a Clinical Executor. In the unfortunate event I can no longer work with you they will have access to your details and will get in touch with you. You have a right to request to see, have amended or have destroyed any data I may keep about you. I will respond to any such request made in writing within14 days.

How will I store your data?
The data on paper is kept in a locked cabinet.  I use an encrypted secure note keeping service. Your phone number and email address may be kept in my business mobile phone and my laptop computer which are passcode protected.

How long will I store your data for and how will I dispose of it?
I’ll keep any notes, your name and your unique code for 5 years which is the time frame my insurance company requests. I’ll shred this privacy consent document and your registration/contract form with your personal information on 1 month after our work finishes.
I’ll delete your phone number out of my mobile phone 1 month after our work finishes.
All emails from you will be deleted as soon as they are no longer needed and at least within 1 month of us finishing working together.

If you are not happy with the way I use your data you can complain to ICO at
or phone them on 0303 123 1113.
The only other person involved in your case – only your first name or initials will be known to them, – will be my Supervisor, who is held by the same privacy, data protection and confidentiality clauses as described here and in my contract.

Access to information
The current Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act.

Your rights
You have the right to opt-out of receiving marketing emails or surveys from me. I have added this clause in my contract. You can also let me know whether you want to change how I use your data.

Right to Access

You have the right to ask for a copy of your personal information, free of charge, in an electronic or paper format. You also have the right to ask me to amend or change any incorrect information about you.

Right to be forgotten

You have the right to ask me to delete any information that I hold about you, including personal information that is no longer relevant to original purposes – for example when our therapeutic relationship has ended or if you wish to withdraw consent. In all cases and when considering such requests, these rights are obligatory unless it’s information that I have a legal obligation to retain.

Data Portability

You have the right to receive your personal information as previously provided, and to transfer this information to another party.

If you follow a link from my websites to any other websites, do have a look at their own privacy policies, for your information and security.

If you have any questions or comments, please use the contact form provided.

I don’t hold any data in regards to cookies, but (host for might still collect them without my direct knowledge.