Privacy Policy

Lauren M Psychotherapy

Who I am

Lauren Moloney Psychotherapy is a private psychotherapy practice providing Cognitive Behavioural Psychotherapy (CBT) and related therapeutic services. I am the data controller for the personal information you provide to me.

Contact details
Lauren M Psychotherapy
lauren@laurenmpscyhotherapy.co.uk

What information I collect

I may collect personal information including:

Name, address, email address and telephone number
Date of birth and emergency contact details
GP details (where relevant)
Information about your health, wellbeing, mental health, medications, and therapy history
Session notes and assessment records
Payment and invoicing information
Website enquiry information submitted through my contact form

Some of this information is considered special category data (health-related information), which is protected under UK data protection law.

Why I collect your information

I collect and use your information in order to:

Respond to enquiries and arrange appointments
Provide psychotherapy and assessment services
Maintain clinical records
Communicate with you about your therapy
Process payments and maintain financial records
Meet legal, professional and insurance obligations

Lawful basis for processing

Under UK GDPR, I process your information on the following lawful bases:

Contract – to provide therapy services you have requested
Legal obligation – where I am required to keep certain records
Legitimate interests – to safely manage my practice
Provision of health care / confidential therapeutic services in relation to special category health information.

Confidentiality

Everything discussed in therapy is treated confidentially. However, confidentiality may be broken in exceptional circumstances, for example:

If there is serious concern about your safety or someone else’s safety
If disclosure is required by law
If records are subpoenaed by a court

Where possible, this would usually be discussed with you first.

How your information is stored

I take reasonable steps to keep your information secure, including secure electronic storage, password protection, and limiting access to your records.

I may use secure third-party providers (for example email, video platforms, payment systems, or website hosting) who process data on my behalf.

How long I keep your information

Clinical records are kept for a period consistent with professional and insurance requirements (typically 7 years after therapy ends, or longer where legally required).

Financial records may be retained for tax and legal purposes.

Sharing your information

Your information will not usually be shared without your consent, except:

Where required by law
Where there is a serious safeguarding concern
With clinical supervisors (anonymised where possible) as part of professional practice
With insurers, legal advisers or professional bodies if necessary

Your rights

Under UK data protection law, you have rights including:

The right to access your personal information
The right to request correction of inaccurate information
The right to request restriction of processing in some circumstances
The right to complain to the Information Commissioner’s Office (ICO)

Please note that therapy records may not always be erasable where legal, professional, or insurance obligations require retention.

Website cookies

My website may use basic cookies or analytics to improve website performance. You can control cookies through your browser settings.

Complaints

If you have concerns about how your data is handled, please contact me in the first instance.

You also have the right to complain to the
Information Commissioner’s Office (ICO).

Updates

This privacy policy may be updated from time to time. The latest version will always be available on this website.

Last updated: May 2026