Explore New Possibilities and Begin Your Journey of Growth, Awareness, and Transformation:
For Individuals, Couples and Communities.
Disrupting and Consulting
Receive insightful guidance as we engage in a collaborative process to explore your unique needs, helping you make informed decisions about your therapy journey and empowering you.
Fragmenting and Implementation
Let us work together with care and intention to address your goals. Through a thoughtful and collaborative process, we will navigate challenges and implement experiments to raise awareness that help you achieve the outcomes you desire.
Alignment and Integration
Finally, integration leads to a meaningful conclusion. Leave therapy with an embodied sense of authenticity, alignment with your values, confidence, clarity, and a newfound freedom from what once felt overwhelming.
Privacy Notice 2025
Your privacy is very important to me. You can be confident that any personal information you share will be kept safe, secure, and used only for the purposes for which it was given.
​
I comply with the General Data Protection Regulation (EU/2016/679) (GDPR), the UK Data Protection Act 2018, and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR).
​
This privacy notice explains how I collect, use, store, and protect your personal information throughout our contact — from your first enquiry to after your therapy ends.
​
1. Who I Am
Data Controller: Umaa (Counsellor and Therapist)
ICO Registration: ZA648353
Contact Email: umaa.counsellor@gmail.com
As the data controller, I am responsible for ensuring your personal data is handled in accordance with UK data protection laws.
​
2. What Personal Data I Collect
When you contact me or access therapy, I may collect:
-
Name
-
Email address
-
Phone number
-
GP details
-
Emergency contact (if required)
During therapy, I will also take one worded brief notes of our sessions and may collect any additional information you choose to share, which may include sensitive (special category) data related to your health or wellbeing.
​
3. Lawful Basis for Processing
Depending on your stage of contact, I rely on the following lawful bases under GDPR:
-
Contract: If you are currently receiving therapy or have arranged sessions, I process your data as part of our therapeutic agreement.
-
Legitimate Interest: If you have completed therapy, I may retain limited records for legal and professional obligations.
-
Special Category Data: Information related to health is processed as necessary for providing health treatment (counselling), under a contract with a health professional (me).​
​
4. Confidentiality and Safeguarding
Everything you share in therapy is confidential. I would only break confidentiality if:
-
You are at serious risk of harming yourself or someone else
-
You disclose a risk involving a child or vulnerable adult
-
I am required to do so by law
-
Where possible, I will always aim to discuss this with you first.
​
5. How Your Data is Stored and Protected
I take the security of your data seriously. I use the following measures:
-
Paper records (e.g., session notes) are stored in a locked filing cabinet in a secure home office.
-
Electronic data (emails, scanned forms) is stored on encrypted, password-protected devices.
-
Text messages are not retained longer than one month unless relevant; if important, they are saved securely.
-
Emails not relevant to ongoing therapy are deleted within one month.
I do not store client data in the cloud unless via a secure, GDPR-compliant provider.
​
6. How Long I Keep Your Data
-
Enquiries that do not result in therapy: Deleted within 1 month
-
Current clients: Data retained during the duration of therapy
-
After therapy ends: Records are kept for 7 years (or in line with guidance from your professional body or insurer), then securely destroyed.
You can request early deletion of your data at any time, unless legally or ethically required to retain it.
​
7. Sharing of Data with Third Parties
In general, I do not share your information with any third party.
The only exceptions may include:
-
Technology providers (e.g., Wix, Beehiiv) used to support my website or newsletter
-
Legal or safeguarding obligations
-
If I contract with another professional (e.g., accountant, web assistant), they are bound by strict confidentiality and data protection terms
8. Your Rights
Under data protection law, you have the right to:
-
Access the personal data I hold about you
-
Request corrections to inaccurate information
-
Ask for your data to be deleted (unless legally required to retain it)
-
Restrict or object to how your data is processed
-
Receive a copy of your data in a portable format
To exercise any of these rights, please email me at: umaa.counsellor@gmail.com.
If you’re not satisfied with how your data has been handled, you can contact the Information Commissioner’s Office (ICO):
https://ico.org.uk/make-a-complaint
​
9. Newsletter and Email Marketing (Beehiiv)
If you sign up for my newsletter to receive updates about workshops, events, or therapeutic resources, I will collect your name and email address through Beehiiv, my email service provider.
-
This data is separate from therapy records.
-
I use explicit consent as the lawful basis for sending newsletters.
-
You can unsubscribe at any time using the link in any email.
Beehiiv’s servers may be located outside the UK. They are committed to data security and GDPR-aligned practices.
Read Beehiiv’s privacy policy here: https://www.beehiiv.com/privacy
​
10. Website and Cookies (Wix)
My website is hosted by Wix. When you visit the site:
-
Standard visitor data (e.g. browser type, time of visit) is collected to analyse site performance.
-
This data is anonymised and not used to identify you.
-
If you fill out a form, that information is stored temporarily by Wix before being sent to me.
Wix uses cookies. For more information, see:
11. Contact
If you have any questions about this notice or your data, please feel free to contact me:
📧 Email: umaa.counsellor@gmail.com