Privacy Policy

Last updated: May 2026

Who I am

Daniel Rubinstein is a UKCP- and BACP-registered psychotherapeutic counsellor practising at [your address], Hastings, East Sussex. You can contact me at contact@danielrubinstein.online.

What information I collect and why

Enquiry emails. When you email me to ask about therapy, I receive your name, email address, phone number (if provided), and any personal information you choose to share about why you are seeking therapy. I use this only to respond to your enquiry and, if we proceed, to arrange appointments.

Session notes. I keep brief, confidential notes about our work together. These are stored securely and are not shared with third parties except in the limited circumstances described below.

Website analytics. This website may use cookies or basic analytics (e.g. WordPress statistics) to understand how visitors use the site. No personally identifiable information is collected through this.

Legal basis for processing

I process your personal data on the basis of:

  • Legitimate interests — to respond to your enquiry and provide therapy services
  • Legal obligation — where I am required by law to retain or disclose information
  • Vital interests — in rare circumstances where there is a serious risk of harm

Who I share your information with

Your information is kept strictly confidential. I do not sell or share your data with third parties, with the following exceptions:

  • Clinical supervision. I discuss my work with a qualified supervisor for professional and ethical reasons. Your name and identifying details are not used.
  • Legal and safety obligations. I may be required to disclose information if there is a serious risk of harm to you or others, or if required by law (e.g. court order or safeguarding duty).
  • Professional bodies. UKCP and BACP may audit my practice as part of accreditation. Any records shared are handled under strict confidentiality.

How long I keep your data

  • Enquiry emails from people who do not become clients: deleted within 3 months.
  • Client session notes and contact details: retained for 7 years after the end of therapy (in line with BACP guidance), then securely destroyed.

Your rights

Under UK GDPR, you have the right to:

  • Access the personal data I hold about you
  • Correct inaccurate data
  • Request erasure of your data (subject to legal and ethical obligations to retain records)
  • Object to or restrict processing
  • Complain to the Information Commissioner’s Office (ICO) at ico.org.uk if you believe your data is not being handled lawfully

To exercise any of these rights, please contact me at contact@danielrubinstein.online.

Data security

Emails and session notes are stored securely. I use password-protected devices and take reasonable steps to protect your information from unauthorised access or disclosure.

Changes to this policy

I may update this policy from time to time. The current version will always be available on this page.