Privacy Policy

Contact information:

Bhav Thaker

Tel: 07400834034

Email:hello@thelilaroom.com

I, Bhavisha Thaker, am the Data Controller and Processor of The Lila Room.

Data

I hold client data that is of legitimate Interest, as you would reasonably expect to be necessary for me to fulfil the contract we agree for me to offer and provide therapy.

Enquiries sent will mean I hold data including any information you have sent me by: email/text/message/online form.

From session 1, the data I hold includes:

·       Name and contact details

·       Notes pertaining to our sessions together

·       Records of treatment approaches used

·       Communication such as emails, texts and/or messages

·       Any appropriate third-party communication, e.g. GP, insurance company, EAP, occupational health provider.

Special category of data as defined by the General Data Protection Regulation (GDPR), may sometimes also be kept when: “processing is necessary for medical diagnosis, the provision of health care or treatment pursuant to contract with a health professional”.

Data is not shared with anyone without consent, except possibly your GP, or when legally or ethically required to do so as covered by the Requirements for disclosure, which are detailed and discussed at our first appointment.

Data is primarily used to enable me to provide therapy. Anonymised data may be used for research/ statistical purposes.

Details of where data is held:

·       Any emails sent between us are held on a password protected hard drive and in Dropbox which is secure cloud-based storage which is itself GDPR compliant. Any communication that may be held on my mobile phone are fingerprint/pin code protected.

·       Any texts/WhatsApp messages sent between us are held on my mobile phone which is fingerprint/pin code protected.

·       Your notes are stored on a database on a secure encrypted hard drive.   These are also anonymised using a coding system which enables me to know who the notes refer to, as an additional layer of protection

·       Your data will necessarily be held by third party payment systems such as PayPal and online banking.  I will download from these systems for accounting purposes, they will be password protected and anonymised for identifying personal details.

Insurance Requirements

In line with my insurance requirements, your data will be kept for 7 years after which time they will be permanently deleted/shredded. 

The Lila Room takes the security of data seriously and as such:

·       All data is held securely (see details of where data is held above)

·       Any data transmitted is sent encrypted where possible

·       For accounting purposes Excel spreadsheets are used

However:

·       I am not in control of data (including emails and texts) which you send me

·       Apps such as Facebook routinely access any information held and this is beyond my control.

If there is any breach of data security The Lila Room will give full details to the Information Commissioners Office and any person affected within 72 hours of the breach and do all possible to minimise any potential impact.

Your rights with regards to the data held:

·       The right of access. You may request to see your data at any time.  I will provide data as quickly as possible and usually within 30 days unless illness or holidays should prevent me from doing so. 

·       The right to rectification. If any data is incorrect, I will correct it as soon as I can following a request (and definitely within 30 days, unless this is impossible due to holidays or illness).

·       The right to erasure. If you wish me to erase your data, I will delete any computer records and shred any paper records as soon as I can following a request (and definitely within 30 days, unless this is impossible due to holidays or illness). NB: purely statistical data cannot be redacted retrospectively but this does not include case notes or personal information

·       The right to restrict processing. Normally a temporary measure before correction of any errors or before erasure

·       The right to data portability. You may for example, want your notes sent to another therapist, in most cases of transfer, I would send the information directly to you

·       The right to object to:

o   Processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling). Lila Room does not engage in these things

o   Direct marketing.

o   Processing for purposes of scientific/historical research and statistics. Forthis, you must provide grounds for your objection.

o   Automated decision making and profiling. The Lila Room does not engage in automated decision making or profiling

Cookies

In common with most websites, the Lila Room website uses cookies: a minimal amount of data sent from the website to your computer/mobile phone which is then stored on your device’s hard drive.

Cookies record information about your online preferences. They help me understand how visitors find and engage with my site so that I can improve the website’s visibility and accessibility. I do not use cookies to collect personally identifiable information about you.

Each website you visit can send its own cookie to your browser, if your browser’s preferences allow it. To protect your privacy, your browser only permits a website to access the cookies it has already sent to you, not the cookies sent to you by other websites.

How to control and delete cookies

You may restrict or block the cookies which are set by our website, or any other website, through your browser settings. You can also ask your browser to alert you when a cookie is issued.

More information about cookies and how to manage them is available at www.aboutcookies.org

I use Google Analytics to understand how visitors engage with my website. It collects information anonymously and reports website trends without identifying individual visitors. For more information visit Google Analytics privacy and security information.