Privacy Policy

Wimborne Psychology Ltd

Last updated: 03 February 2026

Wimborne Psychology Ltd is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Data Controller:
Wimborne Psychology Ltd
Registered in England and Wales
Registered Office: Communications House, 23d West Street, Wimborne, England, BH21 1JS
Email: wimbornepsychology@gmail.com
Companies House: 14540212

For the purposes of data protection law, Wimborne Psychology Ltd is the Data Controller.

2. What Personal Data We Collect

We may collect and process the following types of personal data:

a) Personal Information

  • Name

  • Address

  • Email address

  • Telephone number

  • Date of birth

b) Health Data

  • Mental and physical health information

  • Clinical notes and assessments

  • Reports and correspondence

  • Information provided during therapy or assessment

c) Administrative & Financial Data

  • Appointment details

  • Payment and invoicing records

  • Correspondence with you or third parties (with consent)

3. How We Collect Your Data

We collect personal data:

  • When you contact us via our website, email, or referral form

  • When you attend appointments

  • When information is provided by referrers (with appropriate consent)

  • Through secure online forms or questionnaires

4. Lawful Basis for Processing

Under UK GDPR, we rely on the following lawful bases:

a) Contract

To provide psychological services you have requested.

b) Legal Obligation

To comply with legal, regulatory and safeguarding duties.

c) Legitimate Interests

For practice administration, service improvement and professional obligations.

d) Health

We process health data under Article 9(2)(h) UK GDPR for the provision of health or social care and treatment by regulated professionals.

5. How We Use Your Information

We use your personal data to:

  • Provide psychological therapy and assessments

  • Maintain accurate clinical records

  • Communicate with you about appointments and services

  • Process payments

  • Fulfil safeguarding, legal and professional obligations

6. Confidentiality

All personal data is treated as confidential and handled in line with professional ethical standards.

Information may only be shared without consent where:

  • There is a serious risk of harm to you or others

  • A safeguarding concern arises

  • Disclosure is required by law or court order

Where possible, we will discuss this with you beforehand.

7. Sharing Your Data

We do not sell your data.

Your information may be shared only when necessary with:

  • Other healthcare professionals (with consent)

  • Referrers (with consent)

  • Regulatory bodies if legally required

  • Secure IT or practice management providers under strict data processing agreements

8. Data Storage & Security

We take appropriate technical and organisational measures to protect your data, including:

  • Secure electronic record systems

  • Password-protected devices

  • Encrypted communication where possible

  • Restricted access to authorised clinicians only

9. How Long We Keep Your Data

Clinical records are retained in line with legal and professional guidance, typically:

  • Adults: at least 7 years after last contact

  • Children: until age 25 (or longer where required)

Financial records are retained for statutory accounting periods.

10. Your Data Protection Rights

Under UK GDPR, you have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request erasure (where legally permissible)

  • Restrict or object to processing

  • Request data portability

  • Withdraw consent (where consent applies)

Requests should be made in writing. We may need to verify your identity.

11. Access to Records

You may request access to your records in formal writing.
Some information may be withheld where disclosure could cause serious harm or where third-party confidentiality applies, in line with professional guidance.

12. Cookies & Website Data

Our website may use essential cookies for functionality.
We do not knowingly collect personal data through cookies unless explicitly provided by you.

Further details are available in our Cookie Policy.

13. Complaints

If you are concerned about how your data has been handled, please contact us in the first instance.

You also have the right to complain to the Information Commissioner’s Office (ICO):
www.ico.org.uk

14. Changes to This Policy

This Privacy Policy may be updated from time to time.
The most current version will always be available on our website.