Privacy Policy

Michael Cohen Therapy Service

As from 25th May 2018, under the General Data Protection Regulations (GDPR) I Michael Cohen am required by law to inform you how I process and keep safe the data I hold that pertains to you.

I am also required to gain your consent to holding and processing your data in certain way.

I take confidentiality and privacy very seriously and am bound by a code of ethics.

I use the information you provide me via my website contact form or via direct email to make contact with you to discuss your requirements.

I may also use this information so that I may improve my services.

If you choose to proceed with making an appointment to see me, I will send you a copy of my Privacy Policy via email so that you are aware in advance how I will use information provided in the course of our sessions together.  At your session I will ask you to sign a paper copy of my privacy policy and give you a hard copy to keep.

In the course of our first session…..
I will ask for your email address for the purposes of sending you a recording to listen to as part of the therapy and other material pertinent to your therapy. It may also be necessary to send emails or text messages to confirm or rearrange appointments. My computer and mobile phone are password protected. Other than myself nobody else has access to them. Once you finish therapy with me all information held electronically is securely deleted within 30 days.

Written notes taken in your session(s)….
I will ask you for your name and address  GP contact details and some basic health information: There are some conditions that are contra indicated for hypnotherapy and sometimes there are circumstance where it may be necessary to contact your GP before commencing therapy. I will inform you of this at our appointment should this appear appropriate.

I will ask you for details of your next of kin: This is used very rarely and only in emergency situations.

You do not have to consent to the collection of information, however, if you choose not to provide it, I may not be able to work with you.

How I keep this data
I keep your name, address, phone number and email in paper form in a locked filing cabinet. These are kept separate from your session notes.

How long I keep this data
In accordance with my professional therapy bodies policy, I keep this data for seven years after you finish therapy with me. After that time it is securely destroyed.

Under the General Data Protection Regulations which are effective from May 2018 you have the following rights:

  • The right to be informed (which is why I have produced this policy)
  • The right of access: If you wish to see your file then please make a request in writing to Michael Cohen, the Data Processor. I will provide you with the information within 30 days of your request.
  • The right to rectification: This is your right to request changes to any information I hold that is factually inaccurate. If you believe any of the information I hold on you is incorrect then please let me know as soon as possible and I will make the relevant changes.
  • The right to erasure: given the nature of our work I am required to hold your details for a period of 7 years, after this your information will be securely destroyed.
  • The right to restrict processing: I will only use the information for the purposes that I have stated above. I uphold the common law principles of confidentiality where the duty to keep confidence is measured against the concept of ‘greater good’. If in my opinion as a therapist there is good reason to believe not to disclose would cause danger or serious harm to self, the therapist or others then your GP or other appropriate agencies may be contacted. Only information required to ensure safety of relevant parties would be disclosed. Information may have to be disclosed without consent for the prevention, detection or prosecution of a crime. The sharing of anonymous case histories with supervisors and peer support groups is not a breach of professional confidentiality.
  • The right to data portability: this right is more relevant to IT companies e.g. the sharing of information when moving from one utility provider to another. I will not share your information without your specific consent, other than in the situations described above.
  • The right to object: I will not contact you for marketing purposes unless you have given me specific consent to do so.
  • The right not to be subject to automated decision-making including profiling: I will not use your information for profiling purposes.


This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser.