Please fill in your details and I will get back to you as soon as possible
We are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website (https://mariaartaza.com) (“Website”), and when you engage with our counselling or guidance services.
Data Controller
Maria Artaza Counselling & Guidance Practice Ltd
Company number: 16761678
Registered office: 10-14 Old Wallfields, Pegs Lane, Hertford, United Kingdom, SG13 8EQ
If you have any questions about this policy or our privacy practices, please contact us at [your contact email].
We may collect and process the following categories of personal data:
| Category | Examples / Details |
|---|---|
| Identity & contact information | Name, title, email address, postal address, telephone number |
| Client / therapy information | Notes from sessions, assessment records, personal history, therapy goals, progress notes, relational/family data, mental health information, risk assessments, support networks |
| Usage / technical data | IP address, browser type, operating system, pages visited, referral source, time stamps, device information, cookies, analytics data |
| Communications data | Emails, messages you send us, records of inquiries, feedback, or correspondence |
We only collect what is necessary for the purposes given below.
We obtain your data in the following ways:
You provide it directly (e.g. when you fill in a contact or booking form, send us an email, complete questionnaires).
Through your interactions with our Website (e.g. by using cookies, server logs, analytics).
In the course of our counselling practice (e.g. during sessions, assessments, supervision).
We will only process your personal data where we have a valid legal basis. Depending on the circumstance, this may include:
Performance of a contract / provision of services — to provide counselling, guidance, scheduling, communications, invoicing.
Legal obligations — to comply with applicable laws, regulation or professional requirements (e.g. record-keeping).
Legitimate interests — for managing, securing, and improving our Website and services (provided these do not override your rights).
Consent — for certain non-essential processing (e.g. adding you to a mailing list, analytics cookies), where you have explicitly consented. You can withdraw consent at any time.
In all processing, we aim to respect your rights and privacy, and only retain your personal data for as long as necessary for the purposes.
We use your personal data for the following purposes:
To manage and administer your relationship with the Practice (e.g. bookings, scheduling, reminders, invoicing).
To deliver counselling, guidance, assessments, follow-ups, and related services.
To maintain client records and notes, enabling continuity of care, evaluation, and professional oversight.
To communicate with you (by email, phone, or other channels) about therapy, appointments, updates, or enquiries.
To send occasional marketing or information materials (only where you have opted in).
To comply with legal, regulatory, or professional obligations.
To monitor and improve our Website, detect fraud, misuse, and ensure security (including analytics).
To respond to complaints, legal claims, or investigations.
Our Website may use cookies, web beacons, and similar technologies to collect and store information about your visit. These assist in:
Recognising your device and preferences
Analytics (e.g. tracking site usage patterns)
Improving performance and user experience
You can control or disable cookies via your browser settings, but this may affect how our Website operates. We use both essential cookies and non-essential cookies (which require your consent).
If you wish, we can provide a cookie consent banner / settings to allow opt-in / opt-out of non-essential cookies.
We will not sell your personal data. However, we may share your information with:
Service providers / sub-processors who help us run our business (e.g. website host, email provider, payment processor, analytics provider). These parties will only process data under our instructions and under confidentiality obligations.
Professional third parties in connection with supervision, accreditation, or legal/regulatory requirements (but only where strictly necessary, and ensuring confidentiality and anonymisation where possible).
Authorities or legal bodies when required by law, regulation, or to protect your or others’ vital interests (e.g. in cases of risk, safeguarding concerns, court orders).
Successors / mergers — if our Practice is merged, acquired, or sells assets, your client records may be transferred (subject to confidentiality and appropriate protections).
We will seek to anonymise or pseudonymise data where practical when disclosing for statistical or oversight purposes.
If any of your data is transferred outside the UK or European Economic Area (EEA), we will ensure appropriate safeguards are in place (e.g. standard contractual clauses, adequacy decisions) in accordance with UK GDPR / EU GDPR rules.
At present, we endeavour to keep data within the UK / EEA or with processors that comply with equivalent data protection standards.
We retain personal data only for as long as necessary, considering the following:
Duration of our client relationship
Professional and regulatory obligations (which may require retention for a defined period)
The time needed to resolve disputes or legal claims
Where you provide consent, until you withdraw it or request deletion
After that, we will securely delete, anonymise, or archive your data in a manner that protects your privacy.
Under the UK GDPR / Data Protection Act, you have the following rights (subject to certain conditions):
Right to access: You may request a copy of the personal data we hold about you.
Right to rectification: You may request correction of inaccurate or incomplete data.
Right to erasure / “right to be forgotten”: You may ask us to delete your data (within legal limits).
Right to restrict processing: You may ask us to limit how we process your data.
Right to data portability: You may request a copy of your data in a structured, commonly used format, to transfer to another controller (where applicable).
Right to object: You may object to processing based on legitimate interests, direct marketing, or profiling.
Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time (without affecting prior lawful processing).
Right to lodge a complaint: With the relevant supervisory authority (in the UK: Information Commissioner’s Office).
To exercise any of these rights, please contact us at [your contact email]. We may ask for identity verification before fulfilling your request.
We implement appropriate technical and organisational measures to safeguard your data, including:
Encryption (in transit and, where relevant, at rest)
Secure servers and firewalls
Access controls and authentication
Regular security assessments, updates, and backups
Confidentiality obligations for staff and processors
Although we strive to protect your data, no system is 100% secure. In the event of a data breach likely to result in a risk to your rights, we will notify you and the relevant regulator in accordance with applicable law.
Our services are intended for adults (18+). We generally do not collect data from children knowingly. If we do work with minors, we will obtain parental / guardian consent and take extra care with data handling, in compliance with applicable legal protections.
If you believe we have collected data relating to a child in error, please contact us so we can delete it.
We may update this Privacy Policy from time to time. We will publish the updated version on the Website, and the “Last updated” date will reflect the change. Where required by law, we will notify you of significant changes (e.g. by email or site notice).
If you have any questions or concerns about this policy or how we process your personal data, please contact:
Maria Artaza Counselling & Guidance Practice Ltd
Address: 10-14 Old Wallfields, Pegs Lane, Hertford, United Kingdom, SG13 8EQ
Email: hello@mariaartaza.com