Privacy Policy 

Your Trust is Our Priority

At Rainbow Psychotherapy, we understand that privacy and data protection are crucial for our clients. That's why we are registered with the Information Commissioners Office (ICO). 

Our registration demonstrates our commitment to maintaining the highest standards of confidentiality and data protection. We adhere strictly to the ICO's guidelines and requirements, ensuring that your personal information is handled with the utmost care and security. 

When you choose us, you can rest assured that your mental health journey is protected by a team that values your trust above all.

Privacy notice

To give you the best possible service, we need to keep your contact details and records of your therapy. This privacy notice explains how we handle this personal information. Your privacy is important to us, and you can trust that your information will be kept safe and secure by us at all times. 

We follow current data protection laws, including the General Data Protection Regulation (GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003. We also follow the ethical guidelines set by the National Counselling and Psychotherapy Society (NCPS) to protect client privacy and confidentiality. 

Why we hold your information

Under GDPR, we need a valid reason for using your personal information. The reason may depend on whether you are currently an active client with us or if your therapy has ended. If your therapy has finished, we hold your information based on legitimate interest. If you are currently having therapy or considering it, we use your details to fulfil our agreement. We also ensure that any sensitive information you share, known as ‘special category personal information’, is handled appropriately. 

How we use your Information

We will only use your personal data to manage your therapy, such as arranging or changing appointments. We will keep your personal information only for as long as needed, following guidance from the Information Commissioner’s Office. 

Initial contact and assessment

When you contact us for your initial assessment call, we will collect basic information, like your name and a way to contact you, such as an email or phone number. This helps us inform you about any changes to your appointment. If someone else refers you, we may receive your details from them. If you choose not to proceed with therapy, we will delete your personal data within a month. You can ask us to delete this sooner if needed. 

While you are receiving therapy 

If you give your consent, we will use your email address or phone number to send you written confirmation of your appointment times, reminders and if appropriate send you online video links. We will only contact you about appointments unless you agree to us sharing additional information related to your therapy ie worksheets or educational materials. At the start of your first session, we will ask you to fill out a personal details form with your name, address, date of birth, and GP contact details. This form will be stored securely and only accessed by me or my assistant. We won’t contact your GP unless it’s necessary. In such cases, I will discuss it with you first when possible. Everything we discuss in our sessions will remain confidential. 

I am an Accredited Member of NCPS and follow their ethical guidelines. I will only break confidentiality if there are legal obligations, such as if you mention harm to yourself or others, or if a court requires me to share information. If confidentiality must be broken, I will discuss it with you first unless there are urgent safety reasons. Full details concerning the boundaries of confidentiality are set out in the new client contract document you will have signed when starting therapy. I will have explained this all verbally at the beginning of your first session. 

Psychotherapists like me are required to have regular supervision. Ian may discuss our work with his supervisor without revealing your identity. I keep brief notes of our sessions for my use, stored safely and separately from your personal details. These notes don’t include your identifiable personal information. 

When therapy is over

We are required to keep some records after therapy ends. For example, I must keep personal information for tax purposes. I also keep therapy notes for seven years after therapy ends, but they don’t contain identifiable information and are stored securely. After seven years, they will be destroyed. Your personal details form will be destroyed at the end of therapy, but I need to keep your name, date of birth, and client reference number for seven years to identify your notes if necessary. 

Sharing personal data with others

We only share limited personal data with others to provide therapy services or meet legal obligations. For example, our accountant may access specific information for tax purposes. If you book a face to face appointment, I’ll have to share your name with the reception staff at the location. I will never share your contact details for sales, marketing, or research purposes. If your therapy fees are paid for by a third party, I’ll only share your attendance dates and non-attendance details with them for billing; the documented content of our sessions will stay confidential and can only be shared with your written consent.

Data security

We take your data security very seriously. Our email account and devices used to communicate with you are password protected and have antivirus software. Any unnecessary email correspondence will be deleted within three months. 

Website visitors

By using my website, you consent to our information collection and usage practices described in this notice. If you contact us through the website’s contact form, your information won’t be stored or shared with others; it will be sent to us via email securely. The website uses cookies and Google Analytics to collect anonymous data about site usage, helping me improve the website. 

Your rights

Under GDPR and 2018 guidelines, you have rights regarding your personal information. You can request access to your data, ask for corrections, or request deletion. You can also ask us to limit how we use your information or object to its use in some cases. You can learn more about your rights at ico.org.uk/your-data-matters. To make a request, please email Ian McNeill at ian.mcneill@rainbowpsychotherapylimited.co.uk. 

Questions

The ‘data controller’ is the person responsible for collecting and managing personal data. In this case that person is Ian McNeill, Managing Director, Rainbow Psychotherapy Limited. I am registered with the Information Commissioner’s Office -registration number ZB898641. 

If you have questions about this privacy policy or how we handle your information, feel free to contact Ian on 07702807945 or email Ian McNeill at ian.mcneill@rainbowpsychotherapylimited.co.uk. 

Complaints

If you have a complaint about how we handle your data, please let me know via email at ian.mcneill@psychotherapylimited.co.uk. For formal complaints regarding personal data processing, you can contact the ICO, the UK body overseeing data protection law directly. Information is available at ico.org.uk/make-a-complaint. 

Changes to this privacy notice

We may update this privacy notice from time to time, so please check back occasionally for any changes.

Legal NoticePrivacy Policy 

2025 © Copyright Rainbow Psychotherapy Limited. All rights reserved. 

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.

Privacy Settings

Website Translator

Google Maps

Privacy Settings

This tool helps you to select and deactivate various tags / trackers / analytic tools used on this website.

Select all services
Website Translator
More
Google Maps
More
Save Settings