top of page

Privacy Notice

 

 

This Privacy Notice explains how we collect, use, and protect your personal data when providing psychological services. It outlines your rights under the UK GDPR and Data Protection Act 2018.

 

 

 

Who We Are

 

 

Dr Ellie Hambly, Clinical Psychologist, is the data controller (ICO registered).

📧 Contact: hello@drelliehambly.com

 

 

 

What Data We Collect

 

 

  • Contact details: Name, email, phone, address, DOB.

  • Parent/guardian details for under-18s.

  • Health and clinical information: History, treatment notes, psychometric tools (e.g., RCADS).

  • GP/school details where needed.

  • Payment information via secure providers (no card details stored).

  • Technical data: IP address, browser type, cookies.

 

 

 

 

Why We Collect Your Data

 

 

We collect and process your data to:

✅ Provide and manage psychological services

✅ Register you as a client

✅ Monitor progress using tools like RCADS

✅ Maintain secure clinical records

✅ Arrange appointments and process payments

✅ Share relevant information with other professionals (only with your consent)

✅ Improve our website and services

 

We collect and process health-related data under GDPR Article 9(2)(a) (explicit consent) and 9(2)(h) (healthcare provision).

 

 

 

Use of Heidi AI Transcriber

 

 

We may use Heidi AI, a secure, GDPR-compliant clinical transcription tool, to assist in accurate session record-keeping. No recordings are stored, and your explicit consent is obtained before use.

 

 

 

Online Sessions

 

 

Sessions may be conducted online (Microsoft Teams, Zoom) using secure platforms. We take steps to ensure confidentiality, and you are encouraged to attend sessions in a private space.

 

 

 

Data Retention

 

 

  • Under-18 at first contact: Data kept until age 26.

  • 18+ at first contact: Data kept for 7 years post-therapy.

  • Data may be retained longer only with explicit consent for anonymised research.

 

 

 

 

Your Rights

 

 

You have the right to:

 

  • Access your data

  • Correct or complete data

  • Request deletion (in certain cases)

  • Restrict processing

  • Object to processing

  • Request data transfer

 

 

Requests are free and completed within one month unless complex. Contact ellie@drelliehambly.com to exercise these rights.

 

You may also contact the ICO if concerned: www.ico.org.uk

 

 

 

Cookies

 

 

We use cookies to:

 

  • Improve site functionality

  • Analyse site usage for improvement

 

 

You can manage your preferences using our cookie banner.

 

 

 

Sharing Your Data

 

 

We only share your data when necessary:

 

  • Regulatory or legal bodies (e.g., HMRC)

  • GDPR-compliant service providers (IT, payments, CRM)

  • Other professionals with your explicit consent

  • For legal or business restructuring if required

 

 

 

 

Security

 

 

We use secure, encrypted systems, strong passwords, and restricted access to protect your data. Internet-based communications, however, cannot be guaranteed as fully secure.

 

 

 

Updates

 

 

This notice is reviewed regularly and may be updated to remain compliant. Please revisit this page periodically to stay informed.

 

 

 

Questions?

 

 

For any data-related queries, please contact:

📧 hello@drelliehambly.com

 

​

  • LinkedIn
  • Instagram
  • Facebook
Privacy 
Terms & Conditions

© 2024 by Dr Ellie Hambly 

Please be aware that this is not an emergency service. If you need immediate help please contact 111, or your GP for further advice or call 999 or go to A&E if you need urgent support.

bottom of page