top of page

Call Us: 043 33 62041 | 043 33 62042 |     Email Us: enquiries@icps.ie  |      Ballymahon, Co. Longford

  • Facebook

Privacy Policy for Professional Services

Privacy Policy for Professional Services

Privacy Policy

​

State of Mind Psychotherapy, Psychology, Psychoanalysis & Counselling 

​

Effective Date: 23rd May 2021
Last Updated: 1st February 2025

​

1. Introduction

State of Mind Psychotherapy, Counselling & Education (“State of Mind,” “we,” “us,” or “our”) is committed to protecting the privacy, confidentiality, and security of personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Data Protection Act 2018 (Ireland).

As a provider of psychotherapy, psychology, psychoanalysis, and counselling services, we recognise that much of the information we process is highly sensitive. We therefore apply strict professional, ethical, and legal standards to the collection, use, storage, and disclosure of personal data.

This Privacy Policy explains how we process personal data when you:

  • Visit our website

  • Make enquiries or bookings

  • Engage in online (tele-health) or in-person therapy

  • Communicate with us by phone, email, or other means

 

2. Data Controller

For the purposes of the GDPR, the Data Controller is:

​

State of Mind Psychotherapy, Psychology, Psychoanalysis & Counselling
Gurteen, Ballymahon, Co Longford, N39 DK60
Email: GDPR@icps.ie
Phone: 043 33 62041

​

3. Legal Basis for Processing Personal Data

Under GDPR, we must identify a lawful basis for processing personal data.

​

3.1 Personal Data (Article 6 GDPR)

We process personal data on the basis of:

  • Consent (Article 6(1)(a))

  • Performance of a contract (Article 6(1)(b))

  • Compliance with a legal obligation (Article 6(1)(c))

  • Legitimate interests where appropriate (Article 6(1)(f)), provided such interests do not override your rights

 

3.2 Special Category Data – Health Data (Article 9 GDPR)

Mental health information is classified as special category data. We process this data under:

  • Explicit consent (Article 9(2)(a)), and/or

  • Provision of health or social care by a professional subject to confidentiality obligations (Article 9(2)(h))

 

4. Personal Data We Collect

​

4.1 Personal Identification and Contact Data

  • Name

  • Date of birth

  • Contact details (email, phone number, address)

  • Emergency contact details

 

4.2 Health and Clinical Data

  • Mental health history

  • Presenting concerns

  • Assessment and treatment notes

  • Psychological reports and formulations

  • Session records and progress notes

 

4.3 Administrative and Technical Data

  • Appointment details

  • Billing and payment records

  • Website usage data (non-identifiable)

 

5. How Personal Data Is Collected

Personal data is collected through:

  • Website enquiry and booking forms

  • SSL-secured online booking systems

  • Intake and consent forms

  • Tele-health platforms

  • In-person consultations

  • Email, telephone, or written correspondence

 

Where possible, data is collected directly from you. Information from third parties (e.g. referrers) is only accepted with your consent or where legally permitted.

 

6. Online Bookings and Website Security

All online bookings are protected using Secure Socket Layer (SSL) encryption, ensuring that data transmitted via our website is encrypted and safeguarded against unauthorised access.

We take reasonable technical and organisational measures to maintain the security and integrity of our website and associated systems.

 

7. Tele-Health Services

​

7.1 Secure Tele-Health Platforms

Online therapy sessions are conducted via secure tele-health systems designed for healthcare delivery and compliant with GDPR security requirements.

 

7.2 Risks of Electronic Communication

While we take appropriate precautions, no electronic communication system can be entirely risk-free. By engaging in tele-health services, you acknowledge and accept these inherent risks.

 

7.3 Client Responsibilities

Clients are advised to:

  • Attend sessions in a private location

  • Secure their own devices and internet connection

  • Protect login credentials

 

8. In-Person Appointments

For in-person services, personal data may be collected verbally or via written or electronic forms. Any physical records are stored securely with restricted access.

 

9. Purpose of Processing

We process personal data for the following purposes:

  • Providing psychotherapy, psychology, psychoanalysis, and counselling services

  • Clinical assessment and treatment planning

  • Appointment management and communication

  • Record keeping and continuity of care

  • Billing and administration

  • Legal, regulatory, and professional compliance

We only process data that is necessary, relevant, and proportionate to these purposes.

10. Confidentiality and Disclosure

All client information is treated as confidential.

Personal data may only be disclosed:

  • With your explicit consent

  • To other healthcare professionals involved in your care

  • Where required by Irish or EU law

  • To prevent serious and imminent risk to life or safety

  • In response to lawful court orders

Only the minimum necessary information will be disclosed.

 

11. Data Storage and Security

​

11.1 Electronic Records

Electronic records are stored on secure, password-protected systems with restricted access.

 

11.2 Physical Records

Any physical records are stored in locked cabinets within secure premises.

 

11.3 Data Retention

Personal data is retained in accordance with:

  • Irish legal requirements

  • Professional and ethical standards

  • Insurance and regulatory obligations

Data is securely destroyed when no longer required.

 

12. Data Breach Management

In the event of a personal data breach that poses a risk to your rights and freedoms:

  • We will take immediate steps to mitigate the breach

  • We will notify the Data Protection Commission (DPC) where required

  • We will notify affected individuals where legally necessary

 

13. Your Rights Under GDPR

You have the following rights under GDPR:

  • Right to access your personal data

  • Right to rectification

  • Right to erasure (where applicable)

  • Right to restrict processing

  • Right to data portability

  • Right to object to processing

  • Right to withdraw consent at any time

Requests may be made in writing and will be responded to within statutory timeframes.

 

14. Cookies and Website Analytics

Our website may use cookies and analytics tools to improve performance and user experience. These tools collect non-identifiable information only.

You may disable cookies through your browser settings.

 

15. Third-Party Processors

We may engage third-party service providers (e.g. booking systems, tele-health platforms, payment processors). All processors are GDPR-compliant and subject to data processing agreements.

​

16. Complaints

If you have concerns about how your personal data is handled, you may contact us directly.

You also have the right to lodge a complaint with the Irish Data Protection Commission:

Data Protection Commission (Ireland)
www.dataprotection.ie

​

17. Changes to This Policy

This Privacy Policy may be updated periodically. The most current version will always be available on our website.

​

​

bottom of page