Privacy

Specialist neurodivergent service
Skipton and online
email: info@thedivergentspace.co.uk

Privacy Statement

You may be aware of laws relating to General Data Protection Regulation (GDPR) that have been in effect since 25 May 2018. The purpose of GDPR is to provide a set of standardised data protection laws across all EU member countries.

This document sets out how The Divergent Space Ltd complies with these laws.

We are registered with the Information Commissioner's Office (ICO). When you are referred or refer yourself for services with us you will be asked to consent to the processing of your data under the terms of this policy. We will be responsible for data management, we will abide by this privacy statement, and we will hold our own privacy statement that complies with the GDPR terms.

What information do we collect?

We collect personal data such as name, address, date of birth, GP/medical practitioner details, telephone numbers, and email address. We also collect any data that you give us regarding personal and family background, alongside potentially sensitive data relating to medical and mental health conditions.

What do we use your information for?

We use your information in the following ways:

To provide clients with the services requested.
To notify you about changes to your appointments.
To fulfil any administrative, legal, ethical and contractual obligations.

What information do we share??

We will not share any information about you with other organisations or people, except in the following situations:

Consent – We may share information with relevant medical professionals or others whom you have requested or agreed we need to contact.
Serious harm or risk – We may share your information with the relevant authorities if we have reason to believe that this may prevent serious harm being caused to you or another person. This may include issues of safeguarding, terrorism, drug trafficking and serious crime.
Supporting the civil and criminal justice system – Although rare, the Courts do have the right to request a copy of our clinical reports and, in some cases, our complete clinical file. If requested by the courts we have a legal duty to comply with this request. We would discuss any such requests with you.
Clinical Will– Clinicians each have a clinical will which means in the event of sudden death or a serious accident or illness, a named colleague will be able to access the contact details so that clients can be notified.
Supervision– It is a professional requirement for any clinician offering services to have regular supervision. Any supervisor used is an accredited member of the relevant accrediting body and works within their professional framework. No information is divulged to identify the client.

How do we keep your information safe?

All information you provide is stored as securely as possible. We will take all reasonable precautions to prevent the loss, misuse or alteration of information given.
We are a fully electronic service and therefore do not keep paper records. Any paper information shared with us is scanned and the original either returned to sender or destroyed. All electronic files are kept on password-protected devices with virus protection software.
Formal reports are password protected.
Whilst we endeavour to keep our systems and communications protected against viruses and other harmful effects, we cannot bear responsibility for all communications being virus free.
Client notes and other documentation are destroyed seven years after the end of the services offered.
Any known data breaches will be reported to the ICO within 72 hours.
Any requests for personal data need to be made through a data subject access request and will be supplied within one month.

Your rights

Under the GDPR, you have the right to:

Access your personal data - Rectify, erase or restrict your data - Object to the processing of your data - Request transfer of data (data portability).
You have the right to request the information we hold about you be forgotten. Information about your rights to do so and our rights in response can be found at https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/individual-rights/right-to-erasure/ If you do this whilst actively receiving services, the services would have to end. You will need to make the request formally by stating this in an email to This email address is being protected from spambots. You need JavaScript enabled to view it..
If you have any concerns about the way we handle your data please contact This email address is being protected from spambots. You need JavaScript enabled to view it.. If you feel this has not been resolved effectively you have the right to contact the Information Commissioner's Office (www.ico.org.uk).