Last updated: 17.06.26
Consider It Therapy is a company registered in Scotland (company number SC792232) with a registered address of Suite 436-437, Baltic Chambers, 50 Wellington Street, Glasgow G2 6HJ (‘we’, ‘our’, ‘us’ in this privacy statement).
This privacy notice explains how we collect, use, store and protect personal information in our therapy practice.
We are a group of therapists working in person, online, and by telephone. We are the data controllers for the personal information we collect through Consider It Therapy.
This means we are responsible for deciding how personal information is used and for keeping it safe.
If you have any questions about this privacy notice, or about how your information is handled, you can contact us at:
Email: info@considerittherapy.org
Website: www.considerittherapy.org
This privacy notice applies to people who contact us about therapy or room rentals, current and former clients, and visitors to our website.
Data processing principles
We take protecting online privacy and data security seriously. Please read this statement carefully, as it sets out our approach to processing personal data, including what information we may collect from you, how we may use, store, and protect it, and your rights as a data subject.
Our Privacy Statement outlines our approach to any kind of data processing where we are acting as a data controller or co-controller (including collection, use, transfer, storage and deletion) of personally identifiable information (any information that may be used to identify a physical person, and any other information associated therewith) about natural persons. This statement applies to our processing of data collected through any means, actively as well as passively, from persons located anywhere in the world.
Information we collect
We may collect and use the following information.
When you contact us, we may collect:
• your name
• your email address
• your phone number
• the information you choose to share in your enquiry
• any preferences around contact, availability or therapy format
If we arrange an initial call or begin therapy, we will also collect:
• your address
• your date of birth
• your GP details
• emergency contact details, where appropriate
• relevant health, mental health or wellbeing information
• information about your personal history, relationships, work, identity, family, circumstances and reasons for seeking therapy
• brief clinical notes
• attendance, payment and appointment information
• correspondence between us
Some of this information may be classed as special category data under UK data protection law. This includes information about health, mental health, sexuality, ethnicity, religion or other sensitive areas where these are relevant to therapy.
We only collect information that is necessary for providing therapy safely, ethically and professionally.
How we use your information
We use your personal information to:
• respond to enquiries
• arrange initial calls and appointments
• provide therapy
• keep appropriate clinical records
• manage payments, invoices and appointments
• communicate with you about sessions
• meet legal, professional and ethical responsibilities
• manage risk, safeguarding or emergency situations where necessary
• maintain insurance, tax and accounting records
• respond to data protection requests or complaints
We do not sell your personal information.
Lawful basis for using your information
Under UK GDPR, we need a lawful basis for using personal information.
For different parts of our work, we may rely on different lawful bases under Article 6 UK GDPR. For example, we may rely on a contract where processing is needed to arrange or provide therapy, legitimate interests where we need to run our practice safely and keep appropriate records, and legal obligation where we need to keep or share information to comply with the law.
• contract: where information is needed to arrange and provide therapy
• legitimate interests: where we need to use information to run our practice safely, respond to enquiries, keep appropriate records and protect both you and us.
• legal obligation: where we need to keep or share information to comply with the law
Where we process special category data, such as information about health or mental health, we must also identify a separate condition under Article 9 UK GDPR before we begin that processing and reflect this in our privacy information. Depending on the reason for processing, we may also need to meet additional conditions and safeguards under the Data Protection Act 2018.
Where we ask for your consent for something specific, we will explain what we are asking for and whether you can withdraw that consent. Consent is not the only lawful basis available under data protection law, and we will rely on it only where appropriate to do so.
Confidentiality
Therapy is confidential, but confidentiality is not absolute. We will not share what you tell me unless there is a lawful, ethical or safeguarding reason to do so, and where possible, we will limit any sharing to the minimum information necessary.
There are some limits to confidentiality. We may need to share information if:
• We believe there is a serious risk of harm to you or someone else
• There is a safeguarding concern involving a child, vulnerable adult or person at risk
• We are required to do so by law, court order or legal process
• Disclosure is necessary to prevent or detect a serious crime
• There is a medical emergency, and information is needed to protect life
• We need to consult our clinical supervisors, while protecting your identity as far as possible
Where possible and appropriate, we would aim to discuss this with you before sharing information. However, we may not be able to do so if this would increase risk, prejudice safeguarding action, undermine the purpose of the disclosure, or otherwise be impossible.
Supervision
Like other ethical therapists, we use clinical supervision to support safe and effective practice.
In supervision, we may discuss aspects of client work to support safe and effective practice. We aim to minimise identifying detail where possible and appropriate, and our supervisors are also bound by confidentiality and professional standards.
Clinical Notes and Records
We keep brief clinical notes to support safe and ethical therapy. These are usually factual, proportionate and relevant to the work.
Clinical records may include:
• session dates
• brief themes discussed
• relevant risk, safeguarding or clinical information
• agreed actions or important decisions
• contact and administrative information
We do not aim to keep a full transcript of sessions, although we may (with your permission) keep recordings.
How long do we keep information
We keep information only for as long as necessary for the purpose for which it was collected. Retention periods may vary depending on the type of record, the nature of the work, legal and professional requirements, and whether the work involved a child or young person. As a general guide:
• enquiry information may be deleted if we do not begin therapy, usually within the first 12 months.
• client records may be kept for up to seven years after therapy ends, based on our insurance and membership bodies requirements.
• if the work involved a child or young person, a different retention period may apply
• financial records may be kept for the period required for tax and accounting purposes
• emails, messages and administrative records are reviewed periodically and deleted when no longer needed
There may be times when we need to keep records for longer, for example, where there are safeguarding, legal, insurance, complaint-related or professional-body reasons. We keep our retention periods under review and aim to make sure they remain justified and proportionate.
Where your information is stored
Your information may be stored in the following systems:
• Website / contact form: this is a WordPress-based system
• Email: Google Workspace
• Practice management or client records: Electronic documents are stored password protected on our computers under code names for each client. Paper copies are stored in a lock box, in a locked cupboard, in our locked office space.
• Online sessions: Zoom
• Payments / invoicing: Bank transfers for payments, and MTD system for invoicing.
We use appropriate technical and organisational measures to keep information secure. This may include password protection, device security, two-factor authentication, restricted access and secure storage.
Where we use external providers, they may process data on our behalf. We aim to use reputable providers with appropriate data protection and security arrangements.
Online therapy
If we work online, sessions will take place using Zoom. We will take reasonable steps to protect confidentiality on our side, and we ask that you also choose a private space where you cannot be easily overheard or interrupted.
Online platforms may process technical information such as IP address, device information or connection data. Please also check the privacy notice of the platform we use if you would like more details.
AI tools and transcription
We do not record, transcribe or use AI tools to process therapy sessions.
We may use digital tools for general practice administration, writing, planning or education. Where we do, we do not put identifiable client material into public AI tools. We aim to avoid putting identifiable client material into tools that are not appropriate for confidential clinical information, and we take data protection and confidentiality into account when choosing how to use those tools.
Website visitors and cookies
When you visit www.considerittherapy.org, some technical information may be collected automatically, such as your IP address, device type, browser type, pages visited and the time of your visit. This may happen through website hosting, security, analytics or cookie tools.
Our website is hosted by Hostinger. The website may use cookies or similar technologies to make the site work, improve performance, understand visitor behaviour or support security.
You can usually control cookies through your browser settings. If we use cookies or similar technologies that are not strictly necessary, we will make sure the website provides the level of notice, choice or consent required by law. In some cases, current UK rules may allow limited exemptions for certain analytics or functionality cookies, but only where the legal conditions for those exemptions are met.
Sharing your information
We will not share your personal information unless there is a clear reason to do so. Depending on the circumstances, we may share limited information with the following people or organisations where this is necessary, proportionate and lawful:
• our clinical supervisor
• professional advisers, such as an accountant, insurer or legal adviser
• our professional body, if required in relation to a complaint or ethical matter
• safeguarding services, emergency services or your GP, where there is a serious risk or safeguarding concern
• a court or legal authority, if required by law
• an appointed clinical executor if I die or become unable to contact clients myself
• trusted digital service providers who process data on my behalf
Where I share information, we aim to share only what is relevant and necessary for that purpose. If we transfer personal information outside the UK to a separate organisation, we will only do so where the law allows it and an appropriate transfer mechanism or other safeguard is in place where required.
Clinical Will
We aim to have arrangements in place so that clients can be contacted if one of us dies or becomes seriously incapacitated.
This may involve a trusted professional colleague or clinical executor having access to the minimum information needed to contact current clients and manage records appropriately. That person would be bound by confidentiality, would only access information if necessary, and would not take on an ongoing therapeutic role unless separately agreed and appropriate.
Your rights
Under UK data protection law, you have rights over your personal information. These may include the right to:
• be informed about how your data is used
• access a copy of your personal information
• ask for inaccurate information to be corrected
• ask for information to be deleted in some circumstances
• restrict or object to certain processing
• complain about how your information has been handled
Some rights are not absolute and may depend on the circumstances. For example, we may need to keep some information for legal, professional, safeguarding, insurance or complaint-related reasons, and there may be limits on what can be disclosed where information includes third-party data or where a relevant exemption applies.
If you would like to exercise your rights, please contact us using the details above. We will respond to a request about your rights within one month. If a request is particularly complex, or if we need to consider whether any restriction or exemption applies, we may need longer, in which case we will let you know.
Data Protections concerns and complaints
If you have a concern about how we have handled your personal information, you can make a data protection complaint by contacting us HERE. We will acknowledge your complaint within 30 days and take appropriate steps to look into it without undue delay
We will investigate your complaint as appropriate, keep you informed where necessary, and tell you the outcome without undue delay.
If you are not satisfied with our response, or if you would prefer to contact the UK regulator directly, you can contact the Information Commissioner’s Office:
Information Commissioner’s Office
Website: www.ico.org.uk
Telephone: 0303 123 1113
Changes to this privacy notice
We may update this privacy notice from time to time to reflect changes in our practice, legal requirements, professional guidance or the systems we use.
The latest version will be available on this site.