General Data Protection Regulations (GDPR)

Published on 22/05/2018 by

Access: Everyone

Dear Member

Re: General Data Protection Regulations

I am writing to you in regards to preparations for new General Data Protection Regulations (GDPR) which come into force on 25 May 2018.

We wish to assure you that we value your privacy and are committed to protecting your personal data by informing you about the way we, store, process and protect data entrusted to us.

  • Assure you that we do not sell any data for sales or marketing purposes..

Under the new regulations we have an obligation to let you know what information we hold about you, how the data is processed, how it is stored and who has access to it.

Without access to data about you we would not be able to fulfil our membership, accreditation or registration functions. There may be certain information you do not wish to disclose and you can withdraw consent for UKAHPP to hold information about you but this would obviously affect our ability to endorse your professional standing maintain your membership status.

We need to communicate with you regularly about your membership status and update you on organisational developments in line with legal requirements as a Private Limited Company. We also contact members about more general information about professional developments and Continual Professional Development events.

The contact we have with you is usually conducted through a bulk email server. This is the most convenient way of communicating with members and as a cost saving exercise it is likely that future Annual General Meeting documents and notices will be sent by email. If this method of communicating is NOT agreeable or is inconvenient you can opt out and let us know what would be a more convenient method of contacting you.

In order to allow you to make an informed decision about how UKAHPP communicates and hold information about you, I would like to share the following information:

What is personal data? Personal data is information relating to a person’s identity including, name, date of birth, gender, address, telephone number, email address, bank details.

It also includes what is known as ‘sensitive data’ relating to a person’s health, education, beliefs, membership of other organisations, religion, professional history, conduct offences and criminal convictions.

In applying for and renewing membership, accreditation and membership you a required to share a considerable amount of personal information some of a sensitive nature.

Where is this information stored? All personal data is stored centrally with the UKAHPP Administrator. Records and documents are usually stored electronically on password protected computers with GDPR regulated cloud back up. Some records are stored on paper and stored in secure filling cabinets, which along with computers are kept in a dedicated business office which is securely locked outside of business hours.

How does UKAHPP process personal information? The UKAHPP has six main membership functions: Administration, Finance, Membership, Accreditation, Registration and Ethics. As each of these functions requires access to documents containing personal information, electronic copies are sent to panel members to process. Panel members are governed by non-disclosure and confidentiality requirements and must ensure that any documents they hold are securely stored and either destroyed in the case of any printed documents and deleted in the case of electronic files once their processing task has been completed.

Who else has access to member personal data? The UKAHPP does not share personal data with anyone who is not entitled to access. It does not share (or sell) personal information with other organisations for marketing or advertising purposes.

For registration purposes we do share information with the UK Council for Psychotherapy (UKCP) about members who have dual registration.

The registration details and professional standing on the UKAHPP Register of Humanistic Psychotherapists and Psychotherapeutic Counsellors will be included on the publicly accessible version of the register published on the UKAHPP website. They will also be included on the ‘find a therapist’ unless you opt out. The details contained on this facility are provided by the member.

In the event of a serious practice complaint being upheld against a member, the UKAHPP is under a public protection obligation to inform other organisation the member has an affiliation with and if the complaint is of a criminal nature we must inform the police. The UKAHPP is also under an obligation to inform the public of any significant sanctions orders place on a member through the UKAHPP website Hearings and Determinations page.


The UKAHPP will normally hold personal data and documents relating to your membership on file for 12 months after you have left the organisation, after which they will be deleted or destroyed.

You have the right to see data held in your personal membership file and can correct any errors.

If you are in any doubt about how the new General Data Protection Regulation will impact on your practice please access the Information Commission Officer’s website .

If you have any queries about your UKAHPP Membership and data protection please contact [email protected]

Kind regards

Derek Lawton

On behalf of the UKAHPP Board of Directors