Privacy Policy


This page provides information relating to how our team handle any information provided to us by website visitors, patients, clients and associates. For further information on relating to how we handle the information provided to us when we work with patients and clients please see our confidentiality page.

Psychological Therapy Scotland aims to be as clear as possible about how and why we use information about you so that you can be confident that your privacy is protected. This policy describes the information that Psychological Therapy Scotland collects when you work with us, use our services or visit our website. This information includes personal and financial information as defined in the General Data Protection Regulation (GDPR) 2016.

Psychological Therapy Scotland uses the information we collect in accordance with all laws concerning the protection of personal data, including the Data Protection Act 1998 and the GDPR 2016. As per these laws, Dr Louise Richards is the data controller for Psychological Therapy Scotland, although your individual therapist will also have their own privacy policies as data controllers or processors.
Important: By submitting personal data to us and/or by using our website you give your consent that all personal data that you submit may be processed by us in the manner and for the purposes described below.

Please note that we may update and amend this privacy policy from time to time and any changes will be posted on the site. If you have any queries regarding this policy, please contact Dr Louise Richards at
  1. Why do we need to collect your personal data?   

We need to collect information about you for the purposes outlined below.  We will only collect information about you for reasons of legitimate interest, or where there is a legal basis for doing so:
  • To know who you are so that we can communicate with you in a personal way.
  • Deliver a service to you.
  • Process your payment for the services.
  • Verify your identity so that we can be sure we are dealing with right person.
  • Contact you, should we need to share information.  As outlined in our confidentiality policy, we would only do this under specific circumstances as outlined in this policy.
  1. What personal information do we collect and when do we collect it?

We use the data we collect from you in the following ways:
  • We may collect information such as your name and your contact details including for example telephone number and email address in order to provide a service to you or work with you.
  • Information required to deliver a clinical service to you (for example, mental health history).
  • We may also collect information about you from third parties; if we need to gather information from another health professional (such as your GP, Psychiatrist, health insurer to provide a complete health assessment or psychological report. We would only do this with your consent.
  1. How do we use the personal information we collect?​
  • To communicate with you so that we can inform you about your appointments with us we use your name, your contact details such as your telephone number, email address or postal address.
  • To deliver the correct service to you we use your name, your contact details and the details gathered at your initial assessment appointment.
  • To process a payment (associates only), we use your name and your bank payment details. 
  1. Where do we keep your personal information? 

We take your privacy very seriously. We are committed to taking reasonable steps to protect any individual identifying information that you provide to us. To prevent unauthorised disclosure or access to your information, we have implemented physical and electronic security safeguards. All personal information provided is stored in compliance with EU General Data Protection Regulations (GDPR) rules. 

  1. How long do we keep your personal information?
  • We retain your psychology file/notes for 6 years in accordance with guidance issued by our professional body, The British Psychological Society.  After this time, we shred your file/notes and delete any electronic copies of reports relating to you.
  1. Who do we send your personal information to?
  • We send your report to you or to anyone we are required by law to inform. All reports that are sent electronically are sent as attachments that are password protected.
  • We send reports to other health care providers when requested by and authorised by you.
  1. How can I see all the information you have about me?
  • You can make a subject access request (SAR) by contacting us. We may require additional verification that you are who you say you are to process this request. We will aim to provide you with this information within one month of your written request.
  • We may withhold such personal information to the extent permitted by law. In practice, this means that we may not provide information if we consider that providing the information will violate your vital interests.
  1.  What if my information is incorrect?
  • Please contact us. We may require additional verification that you are who you say you are to process this request.
  • If you wish to have your information corrected, you must provide us with the correct data and after we have corrected the data in our systems we will send you a copy of the updated information in the same format as the subject access request in section 7.
  1. How can I have my information removed?
  • If you want to have your data removed we have to determine if we need to keep the data, for example in case HMRC wish to inspect our records.  If we decide that we should delete the data, we will do so without undue delay.
  1. Website and Cookie Policy
  • Our website is hosted in data centres in the United Kingdom which comply with GDPR rules. 
  • All traffic (transfer of files) between our website and your browser is encrypted and delivered securely using HTTPS protocol.
  • We use Skype for some of our therapy sessions.  Skype is a Microsoft application and complies with the EU-US Privacy Shield Framework and the Swiss-US privacy shield framework as set forth by the U.S. Department of Commerce.  For more information regarding Microsoft's specific GDPR policy please visit
  • Like many other websites, the Psychological Therapy Scotland website uses cookies. Cookies are small pieces of information that are stored on your computer or mobile device when you visit a website.
  • The cookies we use are ‘1st party’ cookies.  We don’t use any ’3rd party’ cookies (these are often used to track behaviour across a range of websites, so targeted advertising can then be applied. We don’t do this!!)
  • Like most websites, our website uses Google Analytics (GA) to track user interaction. Google Analytics sets cookies to help us accurately estimate the number of visitors to the website and what content is most popular. This helps to ensure that our website is responding to your needs in the best way possible.Cookies (and GA) do not provide us with access to your computer or any information about you, other than that which you choose to share with us.By using and browsing the Psychological Therapy Scotland website, you consent to cookies being used in accordance with this Policy.If you do not consent, you must turn off cookies or refrain from using the site.Controlling cookies: You can use your web browser’s cookie settings to determine how our website uses cookies. If you do not want our website to store cookies on your computer or device, you should set your web browser to refuse cookies. However, please note that doing this may affect how our website functions. Some pages and services may become unavailable to you. Unless you have changed your browser to refuse cookies, our website will issue cookies when you visit it. To find out more please visit:
  1. Links from our site
  • Our website may contain links to other websites. Please note that we have no control of websites outside the Psychological Therapy Scotland domain. If you provide information to a website to which we link, we are not responsible for its protection and privacy. Always be wary when submitting data to websites. Read the site’s data protection and privacy policies fully.
  1. Payments and payment related information
  • PayPal process payments for most of the services we provide. We do not retain any financial information you may submit as part of the payment process. PayPal state ‘We monitor every transaction, 24/7 to prevent fraud, email phishing and identity theft. Every transaction is heavily guarded behind our advanced encryption. If something seems fishy, our dedicated team of security specialists will identify suspicious activity and help protect you from fraudulent transactions. Remember, we will never ask for any sensitive information.’
  • ​Paypal also state ‘Every transaction is encrypted using our latest advanced technology.’
  • Our website provides the Customer Engagement platform we use to manage and fulfil our contract to you. PayPal processes your payments directly and therefore no financial account details are ever taken or stored on our system. 
  • For more information on PayPal’s security policy you can visit:
  1. Record of payments and retention of payment information
  • We keep records of invoices, payments and receipts for accounting purposes.  We are required to retain this information for 6 years in line with HMRC requirements. After six years we delete and/or shred this information.
  1.  How do I make a complaint?
  • If you wish to raise a complaint on how we have handled your data, you can contact us to have the matter investigated (
    If you are not satisfied with our response or believe we are not processing your data in accordance with the law you can complain to the Information Commissioner’s Office

Contact me today to have an informal chat before making an appointment.
There is no charge for this initial discussion. 

Tel: 07894 038084
Email: click here


    Privacy Policy