PRIVACY & CONFIDENTIALITY POLICY

Data Protection & Privacy (GDPR Compliance)

  • I am committed to protecting your personal information in accordance with the UK GDPR and the Data Protection Act 2018.

  • The personal data I may collect includes your name, contact details, appointment history, and any information you voluntarily share with me during our sessions.

Lawful Basis for Processing

  • The lawful basis under GDPR for collecting and processing your personal data is:

    1. Consent – you have given clear consent for me to process your personal data for the purposes of providing my services.

    2. Contract – processing is necessary in order to deliver the services you have engaged me for.

    3. Legitimate Interests – in some cases, minimal processing may be necessary for the smooth running of my practice (e.g., invoicing, maintaining client records).

How Your Data is Used

  • Your data will only be used for the purposes of:

    • Providing and administering my services.

    • Communicating with you about appointments or relevant updates.

    • Record-keeping, invoicing, and tax purposes as required by law.

Data Storage & Security

  • Your personal data is stored securely and access is restricted to myself only.

  • Where digital systems are used (e.g., email, scheduling, or electronic record-keeping), I take reasonable technical and organisational measures to protect your data against unauthorised access, disclosure, or loss.

Data Sharing

  • I will not sell, rent, or trade your personal data.

  • Your data will not be shared with third parties unless:

    • You give explicit consent, or

    • I am legally required to do so (e.g., safeguarding concerns or a lawful request from authorities).

Data Retention

  • Personal data will be kept only for as long as necessary to fulfil the purposes it was collected for, and to meet legal, accounting, or reporting requirements.

  • As a general rule, client records will be retained for 3 years after the last session, after which they will be securely deleted or destroyed.

Your Rights
Under GDPR, you have the following rights regarding your personal data:

  • The right to access the data I hold about you.

  • The right to request correction of inaccurate or incomplete data.

  • The right to request deletion of your data (“the right to be forgotten”).

  • The right to restrict processing of your data in certain circumstances.

  • The right to data portability (to request your data in a structured, commonly used format).

  • The right to withdraw consent at any time (this will not affect the lawfulness of processing carried out before consent was withdrawn).

  • The right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your rights have been infringed.

Contact
If you wish to exercise any of these rights or have concerns about how your data is handled, you may contact me at:
midnightsoulphire@gmail.com

Confidentiality Policy

1. Purpose
This policy sets out my commitment to protecting the confidentiality of all clients who engage with me for soul midwife healing. The trust you place in me is central to the healing relationship, and confidentiality is essential for creating a safe and respectful environment.

2. Definition of Confidentiality
Confidentiality means that anything you share with me in the context of our sessions — whether spoken, written, or observed — will not be disclosed to others without your knowledge and consent, except in the specific circumstances described below.

3. Scope of Confidentiality

  • All personal details, life circumstances, and information shared during sessions are regarded as strictly confidential.

  • Confidentiality applies to all formats: spoken conversations, written records, digital communication, and observational notes.

  • I will not confirm to any third party that you are a client, unless you have explicitly given permission.

4. Exceptions to Confidentiality
Confidentiality will only be broken under the following circumstances:

  • Risk of harm – if I believe you or someone else is at serious risk of harm, I may need to share relevant information with appropriate professionals or authorities.

  • Legal obligation – if I am required by law, court order, or statutory duty to disclose information.

  • Consent – if you provide explicit written consent for information to be shared with a third party (e.g. a family member, medical practitioner, or other professional).

Whenever possible, I will inform you before any disclosure is made and will only share what is strictly necessary.

5. Record-Keeping

  • Brief records of sessions may be kept for professional purposes, to support continuity of care.

  • Records are factual, minimal, and do not include unnecessary detail.

  • All records are stored securely, whether paper-based or electronic, and are accessible only to me.

  • Records will be retained for an appropriate period (normally 3 years) and then securely destroyed.

6. Communication

  • Email, phone, or other communication channels will be used respectfully and only for service-related matters.

  • I cannot guarantee complete security of electronic communication; therefore, highly sensitive information should be shared in person whenever possible.

7. Respecting Vulnerability

  • I acknowledge that many clients come to me during times of grief, loss, or personal difficulty.

  • Confidentiality is upheld not only as a legal and ethical responsibility, but as a compassionate practice to safeguard your dignity and emotional wellbeing.

  • At no time will your vulnerability be exploited or used to your disadvantage.

8. Professional Boundaries

  • Information you share will never be used for personal, financial, or reputational gain. However, if I think that what you have told me will benefit another I may share an outline of the details but never with identifying factors such as your name/location but instead in a generalised manner. I will always seek your permission from you if I were to relate your story in an online or training context and it will always be because it will be useful to someone else’s healing journey.

  • Confidential information will never be discussed in social or informal settings.

  • I undertake supervision for development and safeguarding and any discussion will be anonymised and handled respectfully.

9. Client Rights
As a client, you have the right to:

  • Expect that all personal information will remain confidential, except under the conditions outlined above.

  • Ask questions about how your information is handled.

  • Withdraw your consent for disclosure at any time (except where legal obligations apply).

10. Policy Review
This Confidentiality Policy is reviewed regularly to ensure it continues to reflect best practice, safeguarding standards, and the values of compassion, respect, and integrity.