This privacy policy is in line with the General Data Protection Regulation set out by the European Union, which came into effect on May 25th, 2018. Derek McDonnell is the data controller of Big Picture Consultancy (Big Picture). He may be contacted at derek@bigpictureconsultancy.com or on +353-87 66 00 872 in the case of any request or complaint.
INFORMATION WHICH BIG PICTURE COLLECTS FROM YOU:
If you are not yet a Big Picture client but send an email, the contact details and related information you supply at the time will only be used to contact you about that specific request.
When you visit the Big Picture website, browser data such as IP addresses is collected anonymously from you by Google Analytics in order to improve the site and customer service. This data is not used to identify individuals and will be automatically deleted 14 months after collection.
Business Clients: When you become a Big Picture business client, we will ask you for data including names, email addresses, phone numbers, business address and any relevant support information in order to develop a proposal for you.
Individual Clients: When you become a Big Picture individual client for therapeutic support and/or mentoring. Privacy is strictly confidential to the client with exceptions to where there may a risk to themselves or others; the limitation to confidentiality will be discussed, clarified and agreed in the first session with the client. In the event that there is a need to follow up on a risk to safety, in the first instance (where possible), this will be discussed with the client.
Big Picture is accredited through the Irish Association of Counselling and Psychotherapy (IACP) and supervised to ensure that we do the best work that we can for our clients. Supervision is confidential, we only use first names and the supervisor (Dr. Karen Ward) is IACP approved.
WHERE YOUR INFORMATION IS KEPT:
Business Clients: Contact information is kept on a password protected database and password protected Outlook. Proposals and subsequent meeting notes (all anonymised) are kept on cloud storage.
Individual Clients: Record keeping is in line with GDPR and IACP recommendations. The client’s name and phone number are kept in hardcopy files along with their age. Their reason(s) for attending is kept on a separate file. After each session, a record of any actions agreed filed. These notes will be held on file for a period of seven years after the last session. For additional protection, I assign each client a number connected to their name, age, and phone number; the notes on why they attend and weekly actions will be kept in a separate locked file under the assigned number. However, I encourage clients to bring a notebook with them to record more detailed notes of their sessions. You have a right to access your data held by us by contacting derek@bigpictureconsultancy.com. The legal basis for using your data Big Picture will only use personal data with your consent.
When you become a client, Big Picture will also use your data in order to carry out the contract agreed between Big Picture and you.
In addition, Big Picture may process personal data for the purposes of their legitimate interests provided such processing doesn’t outweigh your rights and freedoms. For example, Big Picture may process personal data to:
- Comply with laws that apply to the business;
- Enable or administer the business, such as for quality control, consolidated reporting, and customer service;
- Understand and improve the business or customer relationships generally.
HOW LONG IT IS KEPT:
Business Clients: Big Picture will keep your proposal, notes (as they may be useful for other projects with your organisation) and contact information on file until you ask us to delete them. We may contact you from time to time to update you on our services, at any time you can opt out of receiving emails or have your information deleted by contacting derek@bigpicutureconsultancy.com
Individual Clients: These notes will be held on file for a period of seven years after the last session to comply with IACP recommendations.
GETTING ACCESS TO YOUR DATA:
Big Picture will provide you with access to all of your data on request. You can ask for your data to be amended if it’s inaccurate, or transferred to you in a common format. This will be done within one month of your request.
IS IT USED BY THIRD PARTIES?
On occasions, on behalf of business clients, we work with contractors for specific projects, this is to enhance the diversity and skill set of the project. We will only share relevant files and relevant information with the contractor that are specifically required for the project, but you will be requested to approve this sharing before it is done.
For advertising purposes, Big Picture may list Businesses/Organisations that we work with to promote our services (www.bigpictureconsultancy.com).
WHAT HAPPENS IF YOUR DATA IS LOST OR STOLEN?
Big Picture undertakes to report all significant data breaches to the Data Protection Commissioner within 72 hours of the breach occurring, unless the personal data breach is unlikely to result in a risk to your rights and freedoms as an individual. Big Picture also undertakes to document the facts relating to the breach, its effect, and any remedial action taken. If the personal data breach is likely to result in a high risk to your rights and freedoms, Derek McDonnell shall communicate the personal data breach to you without undue delay.