Privacy Notice

Ylenia Therapy is the “data controller” for the personal information collected through this website and in the course of providing therapy. This means I am responsible for how your information is used and kept. I operate under the law of England and Wales.

If you have any questions about your data, you can contact me at yleniacounselling@gmail.com.

Depending on our contact, I may collect: your name and contact details (such as email and phone number); anything you choose to share when you enquire or during our sessions; and clinical notes about our work together.

Some of this information — for example notes relating to your health and wellbeing — is “special category” (sensitive) data, which I treat with particular care.

I use your information to provide and manage your therapy, to arrange and confirm appointments, to keep appropriate clinical records, and to run my practice (including invoicing).

My lawful basis under the UK GDPR is “contract” while we are working together, as the information is necessary to provide the service you have asked for, and “legitimate interests” for keeping records for a limited period after our work has ended. For special category (health) information, I rely on the condition that processing is necessary for the provision of health treatment by a health professional bound by a duty of confidentiality.

Records are stored securely. Electronic records and emails are held on devices protected by passcode and/or face-recognition access; any paper notes are kept in a secure place. I take reasonable steps to protect your information against loss, misuse or unauthorised access.

I do not sell your information or share it for marketing. I receive regular clinical supervision, which is a professional requirement; my supervisor works within the same strict framework of confidentiality, and I do not share clients' surnames or addresses in supervision.

There are limited legal and ethical exceptions where I may need to disclose information — for example, where I believe there is a serious risk of harm to you or others, or where the law requires it (such as safeguarding). Where possible and appropriate, I would discuss this with you first.

I use a secure video platform and email provider to arrange and deliver sessions.

I keep clinical notes and personal information securely for 5 years after the end of our work together, after which they are securely destroyed, unless I am required to keep them for longer by law.

Under the UK GDPR you have the right to: be informed about how your data is used; request access to the data I hold about you; ask for inaccurate data to be corrected; ask for your data to be erased; restrict or object to processing; and request data portability — in certain circumstances.

To exercise any of these rights, please contact me at yleniacounselling@gmail.com. Please note some rights are limited where I have a legal or ethical reason to retain information.

This website uses privacy-friendly, cookieless analytics to understand general visitor numbers and which pages are viewed. This does not identify you personally and sets no tracking cookies. If cookie-based analytics are ever introduced, you will be asked to consent first.

If a data breach occurs that is likely to affect your rights, I will report it to the Information Commissioner's Office (ICO) and, where required, to you, within 72 hours of becoming aware of it.

If you have any concerns about how I handle your personal information, please contact me first so I can help. You also have the right to complain to the Information Commissioner's Office (ICO), the UK's data protection regulator, at www.ico.org.uk.