top of page

Privacy Policy

In order to therapeutically support you I need to collect and store certain personal and ‘special category’ (sensitive) information about you.

​

This policy aims to explain how I adhere to the Data Protection Act and the General Data Protection Regulation (GDPR) requirements and the requirements of my regulatory body, the Health and Care Professions Council (HCPC).

 

My Lawful Basis for Processing Personal Data

I have a legitimate basis in collecting both the personal data and ‘special category’ -sensitive personal data to provide therapeutic treatment. I may also collect information about how you found my service for marketing research purposes. I will not share information you provide without your consent (except in exceptional circumstance), and I will never sell your information to third parties.

​

Information I Collect and Store

To provide psychological therapy safely and effectively, I record details of your sessions and appointments. I may collect the following types of personal or sensitive information:

​

Personal Data

  • Name

  • Address

  • Date of birth

  • Gender

  • Pronouns

  • Email address

  • Telephone number

  • Next of kin/Emergency contact

  • GP contact details

​

Special Category (Sensitive) Data

  • Signed Therapy Client Agreement (“Terms and Conditions”)

  • Therapy records, including therapist notes, letters, reports, and outcome measures

​

Web-Based Data

If you complete a web enquiry form, I will collect the information you provide along with your IP address, your IP address will also be automatically supplied by the website software. My website may contain links to other websites or platforms. My privacy policy applies only to www.drnaomifilio.com. I would encourage you to read the privacy statements on the other websites or platforms you visit.

 

I take your privacy seriously. I will only use your information to provide you with therapeutic services. If you do not provide certain information, I may be unable to offer therapy.

I send emails about appointments and invoicing using normal, non-encrypted email service. You can open emails in your inbox like any other email. These emails do not have any additional security measures. Please bear this in mind if emailing sensitive information to me.

We may write notes together in our sessions. These notes do not include detailed personal details and notes are stored securely in a locked filing cabinet that only I have access to.

I will keep some electronic notes that keep track of our sessions and next session plans. This information is only for my use and will be stored on an encrypted cloud storage with full-disk encryption.

​

All personal information provided is stored in compliance with EU General Data Protection Regulations (GDPR) rules. Records are typically kept for 7 years, as people sometimes return and previous records may support therapy. If you would like your records deleted before this time, please email DrNaomiFilio@gmail.com.

 

Who Has Access to Your Information and Disclosure of Your Personal Data

Your information and notes are treated confidentially and will not usually be shared with anyone outside my practice. Administrators may have access to personal data to manage invoicing and appointments. It is a requirement for Clinical Psychologists to have regular supervision so I may discuss sessions with my supervisor. Detailed personal information is not shared, and information is shared on a ‘need to know’ basis to keep in line with confidentiality and code of ethics.

 

Beyond the above cases, information will only be shared in the following circumstances:

  • If I need to liaise with others involved in your care for example, your GP or psychiatrist). Ideally this is always discussed in session together and will be confirmed with you by email.

  • In exceptional circumstances, where sharing information is required by me by law or necessary to prevent serious harm. These include:

    • When another health provider requires relevant information

    • When disclosure is in the public interest for example, to prevent serious harm or a miscarriage of justice.

    • When required by a court order

    • When there is risk of harm to you, another adult, or a child

 

Where possible, I will always aim to discuss any sharing, of personal and special category data and information, with you unless by doing this it would increase the level of risk or harm.

​

Your Legal Rights

You have the right to request access, correction and deletion of your personal data that I store and process. You also have the right to restrict or object to the processing of your personal data. If you would like more information about any of the above, please refer to the Information Commissioner’s Office (ICO) at https://ico.org.uk/.  To make a request linked to any of the above, please send a request in writing by emailing DrNaomiFilio@gmail.com. In certain circumstances I may be unable to comply fully with the above requests for example, if compelled to retain the records by a court of law. Please be aware there may be a charge for complying with a request if it is deemed excessive in nature.

 

Complaints or Queries 

‘Data controller’ is the term used to describe the person that collects, stores and is responsible for people’s personal data. Dr Naomi Filio is the data controller in this instance and I am registered with the Information Commissioners Office (ICO), registration reference: ZA539357.

I always aim to meet the highest standards when collecting and using personal and sensitive information. For this reason, I will take any feedback or complaints very seriously. I encourage people to bring it to my attention if they think that my collection or use of information is unfair, misleading, or inappropriate. I also welcome any suggestions for improving my procedures. If you do have a complaint, please contact me by email at DrNaomiFilio@gmail.com or if you prefer telephone me on 020 4634 0994.

 

If you are not satisfied with my response, or believe I am not processing your personal data in accordance with the law you have the right to raise your complaint with the Information Commissioner’s Office (ICO) Website: https://ico.org.uk/concerns/ Email: casework@ico.org.uk Telephone: +44 (0) 303 123 1113

 

Changes to This Privacy Notice 

I keep my privacy notice under regular review and I will place any updates on this web page.

 

How to Contact Me 

Dr Naomi Filio

Email: drnaomifilio@gmail.com

Approved by: Dr Naomi Filio
Position: Clinical Psychologist
Date Last Reviewed: 18 November 2025

bottom of page