1. How will my data be stored?

In May 2018 the Data Protection Act was replaced by the General

Data Protection Regulations (GDPR). The changes to the Data

Protection Act are aimed at ensuring that your personal,

confidential and sometimes sensitive data, is held privately and

securely.

2. How long will you hold my information for?

As per NCH guidelines, written records stored securely for 8

years after the last interaction with an adult client and up to the

age of 25 for a child under 16 when last seen or 26yrs for 17-18

year old.

3. What if I would like my data to be destroyed before this

date?

Due to the sensitive nature of the work conducted by HAY, the

insurance company provider does not allow the deletion of

data, before the minimum time for holding such data has past.

4. Am I able to see or get a copy of the information held by

you?

In line with GDPR, yes, within 30 days.

5. What are your reasons for collecting this information?

HAY collect your data to provide you with a

personalised and effective service.

6. How do I know that you will store my information securely?

All information will be stored electronically on an iPad and

within Writeup, which is also password protected.

7. Are our discussions within the hypnotherapy sessions

confidential?

Yes, unless support is required from a supervisor or it is believed

that you are about to harm yourself or another.

8. What if I see you outside of a hypnotherapy session?

If contact occurs outside of a session, HAY will take the lead

from the client and only engage if initiated by them. No offence

will be taken if the client does not wish to acknowledge contact.

9. Will you discuss information about me with other health and

social care professionals?

information will only be shared with your written consent.

10. Who is the Data Controller and what is their ICO registration

number?

HAY is the Data Controller and the ICO registration number is

00019203318.