Lawsight is the brand name used by the legal entity Lawsight Ltd.
The purpose of this website is to provide background information about the services that Lawsight Ltd provides.
Lawsight Ltd respects your privacy. This website www.lawsight.co.uk complies with the UK General Data Protection Regulation (GDPR) (EU) 2016/679) when dealing with all data received from visitors to this website or from a client (or potential client) of Lawsight.
Data controller is the term used to describe the person/ organisation that collects and stores and has responsibility for people’s personal data. In this instance, the data controller is Lawsight.
1. What information we collect and process from you
As data controller we collect and process the following personal information:
- Personal identifiers, contacts and characteristics (for example, name and contact details).
- Health data (for example concerning your state of mind, general health, medication and any relevant medical or psychological conditions).
- Information concerning your use of our website and/or services.
We only store data that is necessary and relevant to the services provided by us to you. We will not store any personal data that we do not need to provide these services to you.
2. How we get your personal data and why we have it
Most of the personal data we process is provided to us directly by you.
We may also receive personal data, from your GP or other medical practitioner with whom you have an existing relationship (for example, to obtain a report on your current state of health or any medication or other treatment you may be receiving). We would always check with you before requesting such information.
Please let us know if any of your personal data you have provided, or that you believe we may have received from a third party, needs to be corrected or updated.
3. Why we process your personal data
We will use your personal data to provide you with counselling services.
We will also use your personal data for the following purposes:
- To communicate with you about our services, including services you have requested from us and other information which we feel may interest you or be relevant to you.
- To notify you about changes to our services.
- To manage all aspects of our relationship with you, including to keep business and accounting records, to carry out office administration, to administer and process payments you make, to check your identity where required to use any of our services, and as otherwise required or permitted by law or related to running our business.
- To comply with applicable laws and regulations and requests from statutory agencies / authorities including for reasons such as: health and safety; the detection and prevention of crime; safeguarding.
- To analyse and understand how people use our website and services.
4. Sharing your personal data with others
We do not, and never will, sell or share your information to a third party for commercial purposes.
We may share your personal data, always on a limited basis and only to the extent necessary, with some or all of the following:
- law enforcement officials, health professionals or others for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another person.
- IT service providers, website and IT/database server providers.
- our insurers and/or professional advisers (such as lawyers and accountants) insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice.
- Professional supervisors for the purposes of our own therapeutic supervision.
- We may also disclose your personal data where such disclosure is necessary for the establishment, exercise, or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
5. How we store your personal data and how long we keep your personal data
Your personal data is securely stored in electronic form on our systems which are located in the UK. We take the security of the data we hold about you very seriously and use encryption and password protection to keep your data safe. All health data that you provide to us is kept in written form only and stored in securely locked filing cabinets.
We keep client records for the duration of our relationship and for up to six years following the end of their sessions. Following that, client records are destroyed. If you would like your records to be destroyed sooner than that, please let us know in writing.
We will then dispose of your personal data by shredding hard copy notes and permanently deleting all electronic records from our devices.
You understand that once we destroy your records, we cannot restore them.
We will keep any personal information you have provided for as long as is needed to provide you with an appropriate level of service, or until you request that it is deleted. Even if we delete your personal information it may remain in our archives for legal, tax or regulatory reasons.
6. Our lawful bases for processing your personal data
The GDPR states that we must have a lawful basis for processing your personal data. There are different lawful bases depending on the stage at which we are processing your data. We have explained these below:
- If you are currently receiving counselling services or if you are in contact with Lawsight to consider our services, we will process your personal data where it is necessary for the performance of our contract.
- If you have received counselling services and the sessions have ended, we will use legitimate interest as our lawful basis for holding and using your personal information.
- The GDPR also makes sure that we look after any sensitive personal information that you may disclose to us appropriately. This type of information is called ‘special category personal information’. The lawful basis for us processing any special categories of personal information is that it is for the provision of health treatment (in this case counselling) and necessary for a contract with a health professional (in this case, a contract between Lawsight and you).
7. Your rights
Under data protection law, you have rights including:
- Access – you can ask for copies of your personal data.
- Rectification – you can ask us to rectify inaccurate personal data and to complete incomplete personal data.
- Erasure – you can ask us to erase your personal data in certain circumstances.
- Restriction of processing – you can ask us to restrict the processing of your personal data in certain circumstances.
- Object to processing – you can object to the processing of your personal data in certain circumstances. This applies, in particular, where the lawful basis on which we process your personal data is our legitimate interests.
- Data portability – you can ask that we transfer your personal data to another organisation, or to you, in certain circumstances.
- Make a complaint – you can complain to a supervisory authority (in the UK, this is the ICO – see below) about our processing of your personal data.
- Withdraw consent – to the extent that the legal basis of our processing of your personal data is consent, you can withdraw that consent at any time. You can do this by emailing us on firstname.lastname@example.org.
You are not required to pay any charge to us for exercising your rights. If you make a request, we will endeavour to respond promptly and within any legally prescribed timeframes.
These rights are subject to certain limitations and exceptions. You can learn more about these rights by visiting https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.
Please contact us using the data controller details set out below if you wish to exercise any of your data protection rights.
8. Correcting your personal information
If you believe that the personal data we hold about you is incorrect you have the right to request in writing a copy of this data, free of charge, and have it corrected, restricted or deleted. If you wish to complain about the way we handle your personal data you can contact us to have the matter investigated. If you are not satisfied with our response or believe that we are not processing your personal data in accordance with the law you have the right to complain to the Information Commissioner’s Office.
Lawsight is registered with the Information Commissioner’s Office (ICO) as a data controller for the personal data that it processes. Lawsight’s registered address for these purposes is:
55 East Budleigh Road
You can contact us by email at: email@example.com
Our registration number with the ICO is ZB38479
We may make changes to this policy from time to time. If we do, we will post the changes on this page. We recommend that you check this policy regularly.
10. How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at firstname.lastname@example.org
You can also complain to the ICO if you are unhappy with how we have used your personal data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: www.ico.org.uk