Privacy, Confidentiality, Cybersecurity & Diversity Statement updated 11.04.22
Fiona Day Consulting LTD; Company Registration Number: 11472564
You have a right to be informed about how I process your data, and to be clear about my position on confidentiality and diversity. Please check this website link on a regular basis to check for any updates.
Fiona Day Consulting LTD provides coaching and mentoring services for individuals and groups / teams. I take your privacy and confidentiality seriously and will only use your personal information to administer your account and provide the products and services you have requested from me. I do not provide psychological therapy, medical care or personal counselling.
PRIVACY
I am registered as a Data Controller with the Information Commissioner’s Office for data protection purposes (registration ZA459178), and I am the Data Protection Officer for my business. I comply with the Data Protection Act 1998, Privacy and Electronics Communications Regulations 2003, and the General Data Protection Regulation 2018. I continue to ensure I am up to date with any changes relating to the UK-EU Trade and Cooperation Agreement (Brexit).
All current, former, and prospective client information is kept securely. I keep the minimum of notes, and store them securely until 5 years after our relationship has ended in line with my insurance policy requirements. If your data has been collected electronically it is kept on password protected devices and/ or on secure GDPR compliant cloud based servers[1]; or for paper notes of your Consultation or coaching sessions the data is kept in a locked filing cabinet during the course of our relationship following which it is scanned electronically and kept securely for a period of 5 years as per above. After 5 years all files will be permanently deleted and / or securely shredded. For clients who have a Consultation only but do not proceed to a coaching relationship, all electronic or paper records will be deleted and/ or securely shredded after a maximum period of one year. I retain anonymised notes and anonymised evaluation data as part of my reflective practice; I use first names only in my supervision notes.
I do not sell your data to any third party. The lawful basis for my processing your data usually relates to either consent or contract. I have signed up to the Personal Information Promise of the Information Commissioner’s Office. I use an administration assistant to help me with filing and record management and have ensured they are trained in Information Governance and confidentiality as a data processor.
I collect anonymised information on the use of my website and social media sites in order to understand my clients’ needs better. I use GDPR compliant third party software applications[2] in order to schedule and conduct appointments online, manage invoicing and contracting, and to manage my email newsletter subscriptions. No videoconference facility can provide absolute security, I offer all clients the opportunity to use Zoom when working online with individual meeting specific passwords and a high level of data security[3]; I will use other videoconferencing platforms of your choice if you prefer but cannot guarantee absolute security from any online platform.
You have rights as a data subject, and can unsubscribe from my client newsletter at any time. You can ask for a copy of any notes or records held by me regarding yourself, and I will respond within 28 days.
You can make a complaint regarding how I process your data with the Information Commissioner’s Office. Any data breaches will be reported to the Information Commissioner’s Office within 72 hours.
CONFIDENTIALITY
I understand that discretion and confidentiality are extremely important to my clients and I take great care to provide a safe and confidential service within the limits of the law. In line with my professional accountability ethics, if I have concerns about your or someone else’s welfare or Fitness to Practice, I will endeavour to discuss this with you in the first instance to agree a course of action with you. I will always make every effort to discuss any concerns with you in person or by phone, and will normally only contact another party as a last resort.
I will not release my notes, emails or any documents which you have sent to me without either your written agreement or a Court Order.
For clients whom I am in a contract for a 1:1 coaching programme, I request contact details of your Next of Kin in case of an emergency. By signing a contract with me, you agree to my contacting your Next of Kin in the unlikely event that I am very concerned about your wellbeing and am unable to gain sufficient assurance from you that you are seeking appropriate help.
If your employer is paying for your 1:1 coaching sessions, I will not normally release any information to your employer other than to confirm the number and/ or dates and times of sessions which have been attended, unless we have agreed this in writing.
If we are working together in a group or team coaching partnership, I may feedback information you have shared with me with the rest of the group/ team – this will be anonymously and in the format of general themes or issues, rather than as information attributable to you personally. Please ask me before sharing information with me if you are unsure.
In my coaching supervision, I will use your first name only if I am discussing you with my supervisor.
CYBERSECURITY
I undertake an annual cybersecurity risk assessment using the process advised by the UK Information Commissioner’s Office.
DIVERSITY AND INCLUSION
Fiona Day Consulting is committed to promoting diversity and inclusion, and to ensuring equity of access and service provision to Clients from all protected characteristics set out in the Equality Act 2010 (Race, Sex, Disability, Sexual Orientation, Religion or Belief, Gender Reassignment, Age, Marriage and Civil Partnership and Pregnancy and Maternity).
OTHER
I abide by the European Mentoring and Coaching Council’s code of ethics, and their Diversity and Inclusion Declaration. I also abide by the Advertising Standards Authority’s Guidance on the use of Testimonials. I am happy to answer any further questions regarding your privacy, confidentiality or diversity.
[1] Microsoft One Drive
[2] Acuity Scheduling and SquareSpace; Freeagent; Mailchimp; Zoom videoconferencing; Proposify
