How I use your personal data

If you use my services as a therapist, I will ask you to sign a contract which includes my privacy statement. The statement explains how I will use your personal data.

The statement covers the following:

My role as data controller

Because I process personal information, I am registered (as David Corr Consulting) as a data controller with the Information Commissioner’s Office (ICO).

The data I collect and store about you

I will collect some or all of the following personal details about you.


  • name
  • age or date of birth
  • gender
  • postal address
  • telephone number(s)
  • email address(es)
  • details of your NHS GP

Reason for collecting and storing this data

I will gather and store this personal data expressly and solely for the purposes of delivering one or more of the following services in a safe and effective manner:

  • counselling
  • psychotherapy
  • hypnotherapy
  • training
  • supervision

Additional data that I collect and store during our work together

Given the nature of our work together I do collect and record other information about you. This includes:

  • your desired therapeutic outcome
  • history of your symptom(s)

I do not, however, connect this information with the personal data above (your name, age, etc).

I only ever gather and record information that in my professional opinion is relevant to our contracted work.

Sharing specified data

I will share your data if you request this and give me your consent to do so in writing. I will only share it with a suitably qualified professional therapist or practitioner to whom you have asked me to refer you.

However, I will share your data with appropriate agencies or people in the case of welfare/safeguarding issues that are governed by statutory obligations.

Any data that I share will be done electronically. It will be encrypted and password protected.

Storing your data

I will store your data in paper or electronic form (or both).

I will store paper records in a locked cabinet within a building protected by an alarm system.

I will store electronic data on one or more devices that are password protected and where the data is encrypted.

Duration of data storage

Adults: I will store your data for 8 years from the date we complete our work together.

If you are under the of 18 when we start work together: I will store your data for 3 years after you turn 18.

Deleting your data

I will securely destroy paper records by shredding them.

I will securely delete electronic records. I will also securely destroy any device that I used to store your data once that device comes to the end of its useful life.

Your consent

By signing the contract you give me permission to collect the personal data specified above.

You can withdraw this consent at any time in writing, by letter or email. If you do this, I will securely destroy all of your data, except in cases where doing so would compromise any ongoing statutory process.

Further information

If you have any further questions about my data policy please do ask me.

You can also find more information and/or discuss any concerns about how I use your data by contacting the ICO.

Need more info?

If you'd like to find out more about how I work, feel free to contact me – or read more about the background to my approach.
ContactMy approach