The purpose of GDPR, General Data Protection Regulation (2018) is to provide a set of standardised data protection laws across all EU member countries. Williamson Psychology Services complies with these laws. 

Data Control

Dr Oonagh Williamson is the data controller for Williamson Psychology Services.

What personal data I process

  • Personal data: basic contact information: name, address, email, contact number, GP contact details.

  • Sensitive personal data: Signed Therapy Client Agreement, therapy records (therapist notes, letters, reports and/or outcome measures).

  • If you complete a web-based enquiry form, we will also collect any information you provide to us as well as your internet protocol (IP) address.  This is automatically supplied by the website software used to offer the form.  All web services used by Williamson Psychology Services are verified by themselves as GDPR compliant.

  • If you are referred by your health insurance provider, then we will also collect and process personal data provided by that organisation. This includes basic contact information, referral information, and health insurance policy number and authorisation for psychological treatment.

The lawful basis for processing personal data

  • Williamson Psychology Services has a legitimate interest in using the personal data and sensitive personal data we collect to provide health treatment. It is necessary for us to provide psychological therapy to clients. 

  • We may also ask for information on how you found our service for the purpose of our own marketing research.  No information you provide is passed on without your consent.  We will never sell your information to others.

What we do with your personal information

  • Williamson Psychology Services takes your privacy seriously. We will only use your personal information to provide the services you have requested from us.

  • If you do not provide the personal information requested, then we may be unable to provide a therapy service to you.

How long we store personal information

  • We will only store your personal information for as long as it is required.  Basic contact information held on a therapist’s mobile phone is deleted within 6 months of the end of therapy.

  • The sensitive personal data defined above is stored for a period of 7 years after the end of therapy. After this time, this data is deleted at the end of each calendar year.

How your personal information is used

  • We use the information we collect to:

  • Provide our services to you.

  • Process payment for such services.

  • Send you information and information about our services that might be of interest to you.  You have the right to opt-out at any time, and request that your personal contact information is deleted to prevent future proactive contact from ourselves.

Who we might share personal information with

  • We hold information about each of our clients and the therapy they receive in confidence. This means that we will not normally share your personal information with anyone else. However, there are exceptions to this when there may be need for liaison with other parties:

  • If you are referred by your health insurance provider, or otherwise claiming through a health insurance policy to fund therapy, then we will share appointment schedules with that organisation for the purposes of billing. We may also share information with that organisation to provide treatment updates.

  • In cases where treatment has been instructed by a solicitor, relevant clinical information from therapy records will be shared with legal services as required and with your written consent.

  • In exceptional circumstances, we might need to share personal information with relevant authorities:

  • When there is need-to-know information for another health provider, such as your GP.

  • When disclosure is in the public interest, to prevent a miscarriage of justice or where there is a legal duty, for example a Court Order.

  • When the information concerns risk of harm to the client, or risk of harm to another adult or a child. We will discuss such a proposed disclosure with you unless we believe that to do so could increase the level of risk to you or to someone else.


What we will NOT do with your personal information

  • We will not share your personal information with third-parties for marketing purposes.

How we ensure the security of personal information

  • Personal information is minimised in phone and email communication. Sensitive personal data will be sent to clients in an email attachment that is password protected. Email applications use private (SSL) settings, which encrypts email traffic so that it cannot be read at any point between our computing devices and our mail server. Williamson Psychology Services will never use open or unsecure Wi-Fi networks to send any personal data.

  • Personal information is also stored on an office computer and on secure server owned by Williamson Psychology Services. These are password protected. Malware and antivirus protection is installed on all computing devices.  Mobile devices are protected with a passcode/thumbprint scanner, mobile security and antivirus software.

Your right to access the personal information we hold about you

  • You have a right to access the information we hold about you.

  • We will usually share this with you within 30 days of receiving a request.

  • There may be an admin fee for supplying the information to you.

  • We may request further evidence from you to check your identity.

  • A copy of your personal information will usually be sent to you in a permanent form (that is, a printed copy).

  • You have a right to get your personal information corrected if it is inaccurate.

  • Williamson Psychology Services reserves the right to refuse a request to delete a client’s personal information where this is therapy records. Therapy records are retained for a period of 7 years in accordance with the guidelines and requirements for record keeping by The British Psychological Society (BPS; 2000)[1]and The Health and Care Professions Council (HCPC; 2017)[2].

Use of Cookies

  • Williamson Psychology Services may use cookies and other tracking technologies when you visit our website including any other media form, media channel, mobile website, or mobile application related or connected thereto (collectively, the “Site”) to help customise the Site and improve your experience.

  • What Is a Cookie? - A “cookie” is a string of information which assigns you a unique identifier that we store on your computer. Your browser then provides that unique identifier to use each time you submit a query to the Site. We use cookies on the Site to, among other things, keep track of services you have used, record registration information, record your user preferences, keep you logged into the Site, facilitate purchase procedures, and track the pages you visit. Cookies help us understand how the Site is being used and improve your user experience. Overall, cookies help us provide you with a better website by allowing us to monitor which pages you find useful and those you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

  • Control of Cookies - Most browsers are set to accept cookies by default. However, you can remove or reject cookies in your browser’s settings. Please be aware that such action could affect the availability and functionality of the Site. For more information on how to control cookies, check your browser or device’s settings for how you can control or reject cookies.

  • We reserve the right to make changes to our  Cookie Policy at any time and for any reason. We will alert you about any changes by updating the “Last Updated” date of ourCookie Policy. Any changes or modifications will be effective immediately upon posting the updated Cookie Policy on the Site, and you waive the right to receive specific notice of each such change or modification.


  • You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues ( We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Contact Details
If you have any questions about this privacy policy or our privacy practices, please contact our Dr Oonagh Wiliamson, the Data Controller, in the following ways:
Email address:

Telephone: 0730 6760 948

[1]The British Psychological Society (2000). Clinical Psychology and Case Notes: Guidance on Good Practice. Leicester: Division of Clinical Psychology, BPS.

[2]Health and Care Professions Council (2017). Confidentiality – guidance for registrants. London: HCPC.

Privacy Policy last updated February 2021

Privacy Policy