Hampshire and Surrey Psychology is now a HelloSelf company.
We want you to understand what data we collect and how we use it.
When you use HelloSelf, you give us access to your data. We want to be transparent about what we collect, and how we use it to make our range of digital services work better.
We collect all of this information directly from you, when you first browse our website, when you register and then any time your personal data is updated. If you engage in sessions with our Experts, they may upload information after the session.
The main types of data we collect are:
Who you are
When you register with one of our services we’ll receive the basic information you provide us with about yourself; like your name, date of birth, physical address and email address.
How you interact with us
When you use our services we process and store the information you provide. We record your appointments with us, including audio and video, so that you can easily re-watch them. We use your appointment data to improve our services if you opt to receive those services.
Data provides our Experts with more information to help them give you with the best care possible.
We also use some of your data to inform you of new information that may be pertinent to you via marketing communications. Members always have the right to opt out of receiving communications at any time by contacting us by email or by clicking on the Unsubscribe link.
We will always treat personal data with the utmost respect and never sell it to other organisations for marketing purposes.
Who we share your data with:
We only share personal data with our expert clinical psychologists, assistant psychologists and life coaches, all of whom are bound by professional codes of confidentiality. We only allow our external third parties to handle personal data if we are satisfied they take appropriate measures to protect all personal data.
Medical services providers
Where necessary, we’ll share your information with other medical services providers – for example NHS bodies, your doctor, hospitals and emergency services.
If your HelloSelf access is funded by an insurance provider, we need to let them know details about your appointment with us and the outcome. This will only be done with your explicit consent. We may very occasionally disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
If you would like to find out what information we hold about you, you can make a subject access request by emailing DPO@helloself.com.
The privacy and the security of your data is of our utmost priority. We recognise that you trust us to keep it secure and private and therefore we protect it with strong encryption in our secure data centers.
Protecting your data
All data is encrypted using strong encryption both in transit and at rest. We have strict procedures and systems in place to prevent unauthorised access to data. Card Payments are processed via a third party payment provider that is fully compliant with Level 1 Payment Card Industry (PCI) data security standards.
Securing your data
We monitor and test our servers and work with third parties to ensure our security controls are industry standard. Our Experts are required to use two factor authentication and we use technology to block unauthorised or suspicious access attempts to access data. We work with industry-leading hosting and service providers to ensure that infrastructure is protected.
Personal and health data is primarily stored on our secure servers inside the EEA. On the rare occasions it is sometimes necessary for us to store some elements of personal data outside the European Economic Area (EEA), such as Click ID, browser meta data and IP addresses. These transfers are subject to special rules under European and UK data protection law. For more information regarding these rules, please contact DPO@helloself.com.
To keep your data protected, please:
- Make sure you have a strong password
- Change your password frequently
- Keep your password safe
We ensure clinical safety of HelloSelf members and services by meeting and exceeding industry and legal standards.
We carefully manage clinical risk for all HelloSelf members and services to ensure clinical safety.
HelloSelf only employs professionally qualified, registered and insured Experts. All our Experts are trained and required to follow good practice in handling patient information.
We retain your medical records for seven years in accordance with national best practice guidance provided by the BPS.