March 2026
​
I am based in the UK and governed by UK jurisdiction.
By choosing to work together, we agree that neither you nor I shall engage in any type of recording, without explicit pre agreed consent.
Counselling Professional Body
I follow the Codes of Ethics and Practice of the British Association of Counselling & Psychotherapy (“BACP”). A copy of the code can be accessed here: https://www.bacp.co.uk/events-and-resources/ethics-and-standards/ethical-framework-for-the-counselling-professions/
Client personal information GDPR
Your personal information is stored securely and confidentially, either electronically, using codes with password protection or in paper format which is stored in a locked cabinet, coded for protection. The data collected is used to enable effective communication during the therapeutic and/or coaching process, it is used in a safe and ethical manner in accordance with the BACP Ethical Framework, Association for Coaching (AC), Universal Coaching Alliance (UCA), the EU General Data Protection Regulations (GDPR) 2018. I will only store any personal information which is relevant to our work.
Confidentiality
You may choose to give me the contact details of a trusted person in your life to contact should the need arise. This could be a friend, partner, family member etc. You may choose to give me the contact details of your GP details so I can get in touch if needed. From time to time I will discuss our work with my clinical supervisor/coach supervisor. This is standard practice for psychotherapists and coaches at all levels of experience and it supports me to work as well as I can with you. My supervisor(s) are bound by confidentiality within their own professional bodies.
Personal information I hold
You have the right to know what personal information I hold, why I hold it, how it is stored, who has access to it, and for how long I hold it. I will keep the following personal information so that I can work safely and professionally with you, in line with the guidelines of the BACP, Association for Coaching (AC), Universal Coaching Alliance (UCA).
Your name, address, phone number, email address, trusted person and GP details: I must receive this information password protected digitally from you. Only I will see this. I will print this information, which will be kept in a locked filing cabinet. A unique client code will replace your name. I will delete the digital copy. I may store your telephone number/address/ GP details password protected on my Macintosh computer, if I practice away from my main site. I will delete emails once I have read them, unless necessary to keep for a period of time (examples could be if I am on holiday or sick and unable to check emails). I may add what I perceive as relevant information from emails to your clinical notes for our therapeutic work. I may access emails on my mobile phone which is locked with a passcode when I am not using it. Your email address is held in my Protonmail account, which is 2-factor authentication (password and Authy app). When reading or writing emails on my Macintosh computer, I use a password to be able to access it. I will keep your personal information for five years. After that time it will be destroyed. This is required by my professional liability insurer and by my professional organisation (BACP).
Clinical Psychotherapy/counselling session notes: May include, although not exclusively, dates and times of attendance, cancellations, brief notes on themes from the session. I do not keep detailed session notes. I keep these brief session notes in hardcopy which is store in a locked filing cabinet when not in use. I may reflect on my own experience, which is confidential to me. Notes are used to remind me of important points I want to be sure to remember and/or to discuss in supervision. The notes will be destroyed five years after our work finishes. Only I will see this information. I also carry a paper diary with appointments, holding first names only next to appointment times.
Coaching session notes: May include, although not exclusively, dates and times of attendance, cancellations, notes, plans, goals and other from the session. I will store these on my password protected Macintosh computer with a unique client number.
Sharing and receiving of documents via email: Please password protect documents sent between us. Email 1.) send the document(s) in an email attachment password protected. Email 2.) Send me the password(s) for the document(s) separate from the email containing the documents. Do not send me the password protected documents and passwords in the same email. As an additional security measure, please do not title email subjects to me with words such as ‘therapy’ or ‘counselling’. You may choose to use more generic subjects such as, ‘inquiry', ‘information request’ etc. TIP: If you need support to understand how to password protect documents you can find this information via a search engine using terminology or words like ‘how to password protect a Word document’ (as example).
Therapeutic email/instant messaging work: Anything written by myself within these therapeutic email/instant messaging exchanges is considered confidential to me. I require you to not share my writings with anyone, or on any type of platform online, in hard copy or any other format. This is a requirement for us to work in these sessions. By engaging in them you are consenting to this. I do not store these therapeutic exchanges, I will make clinical notes as per point 2. You will send me your therapeutic emails via a Protonmail account (encrypted and free service): https://account.proton.me/mail/signup?plan=free&ref=mail_plus_intro-mailpricing-2
Payment information and invoices: I may make a note of payments you have made and invoices on a financial spreadsheet for my private practice and also in my paper diary. Your unique client reference code is used. Bank statements will show the name on account if you pay by bank transfer. I am required by law to retain certain financial information for tax purposes. I keep financial information for 7 years as required by HMRC. Payment by BACS will be processed by my bank, transactions may be viewed by employees of the bank, tax HMRC and/or my accountant. When payment is made via BACS, your account name or reference (or the name of the person who is paying) may show up on my online or paper bank statements. Please discuss alternative payment options with me if you need. Any other payment platforms used (e.g. Paypal), please access their privacy information directly.
My emails, texts (SMS) and WhatsApp messages to you, and yours to me: I may delete emails/texts/WhatsApp messages after I have noted the contents. Electronic correspondence will also be held by the corresponding application (Protonmail, Phone’s SMS, WhatsApp as examples). I may keep emails/texts/WhatsApp messages if I consider them necessary to our work. I may add them to your clinical notes.
Online voice/video/instant messaging: You may choose to work with me online with voice/video/instant message, we may use Zoom, or ‘Sessions’ (hosted by Psychology Today). Please check directly their terms of services from time to time as they may make updates to their polices. Please note that Psychology Today stores email content including contact details provided. I will delete after reading. ‘Sessions’ also notes name provided on calls, dates attended and how long for. I cannot delete this. You may choose to download ‘Client Video’ App to access our meeting in ‘Sessions’. In order to access it you will need to agree to their Privacy Notice. I will not record any of our work using any platforms or recording systems and require you do not either. To record me without my consent is a breach of this contract.
iCloud: I use a Macintosh computer, which uses iCloud. Please access their privacy information directly.
Website: My Wix website does not contain any personal information about clients. If you choose to make contact with me on my 'Get in Touch' form this is via 'Wix Forms' 1.) an automated message is sent by Wix with the Form content to my Wix message Inbox. 2.) an automated email from Wix with its content is sent to my Proton email account. I will delete this Wix Form message manually after reading it in my email/Wix inbox account. Please do not include personal and/or sensitive information in the Wix Form as an additional privacy/security measure. Wix automatically collects the contact details of the person filling the in Form if provided. I will delete this information collected by Wix manually.
Client feedback/testimonials: Sent to me via my Wix website is confidential unless you tick the box consenting for me to use your client feedback/testimonial (please note the same processes as website/Wix Forms is used, as per above). Your name is not requested in the form and will not be used in any type of promotional materials. I will print this Form, storing as hardcopy if you consent to my using this information provided anonymously for promotional purposes. Promotional purposes may include (although not exclusively), publishing on my website and advertisements, both online and other. If you do not consent, the Form will be deleted and not used for any promotional materials. It will be used exclusively for my own understanding and learning.
I use a personal mobile phone and may have my voicemail switched on. Please consider this in the information you leave in the voice message. All messages will be played and deleted daily, except during holiday or sick periods. Voicemails are accessed via a private PIN code.
​
Whilst I make efforts to protect your data there may be incidents that occur which are out of my control.
Your Rights under GDPR:
To be informed what personal information I hold.
To see the personal information I hold about you (free of charge for the initial request).
To rectify any inaccurate or incomplete personal information.
To withdraw consent to me using your personal information.
To request your personal information be erased. Though I can decline if the information is needed for me to practice lawfully and competently.
To receive the personal information which you previously provided, and the right to transfer that information to another party.
Data Controller
For the purposes of the General Personal information Protection Regulations (GDPR) 2018, the personal information “controller” is Anthony James Goodlad or Anthony James Goodlad Services. If you have any other questions regarding how your therapy client personal information GDPR is processed and handled, please do not hesitate to discuss with me.
The ICO website: https://ico.org.uk/
This notice may be updated from time to time, please check my website for updates.