GS | Psychotherapy

Privacy & Cookie Policy

Effective Date: 12 August 2025
Last Reviewed: 12 August 2025

This Privacy Policy explains how I, Giorgio Senigagliesi, collect, use, and protect personal information obtained through this website and in the course of my work as a psychotherapist.
 
I am committed to safeguarding your privacy. If you have any questions or would like to exercise your rights, please contact me at:
Postal contact address available upon request.

1. Data Controller

Giorgio Senigagliesi (self-employed psychotherapist) is the data controller for the personal information processed through this website and in clinical work. Written requests can be submitted digitally. Postal contact address available upon request.

2. Data Collected

a) Website Contact Form
 
When you fill out the contact form on this website (built using Fluent Forms), you are asked to provide:
  • Your full name
  • Email address
  • A message or enquiry
 
This information is used solely to respond to your enquiry. Submitting this form is optional and does not imply a therapeutic contract.
 
b) Registration
 
If we agree to begin therapy, I will invite you to complete a separate registration form, usually shared and returned via email. This includes:

Full name

  • Preferred contact number
  • Email address
  • GP or (optionally) emergency contact details
 
This data is collected after the consultation is agreed, and is used solely for purposes directly related to the provision of therapeutic services. No special category (sensitive) data is collected through the website itself. If you choose to share such data through the contact form, it will be handled securely and deleted if not required.
 
3. Legal Basis for Processing
 
Your data is collected and processed only:
  • With your consent (e.g. website contact form)
  • To establish or fulfil a therapeutic contract
  • Where required by legal obligation (e.g. safeguarding)
  • Special category health data is processed under GDPR Article 9(2)(h) as part of healthcare provision
4. Use and Sharing of Data
 
  • Your data will never be sold, shared, or used for marketing.
  • Enquiry form submissions are used solely for responding to your message.
  • Clinical registration data is used only in the context of therapy.
  • If sharing is required (e.g. contacting a GP), this would be discussed and agreed with you first — unless prevented by a legal obligation (e.g. serious risk of harm).
  • Some site data (such as page views, referrer URLs, and general device information) is collected using Independent Analytics for the purpose of understanding site usage and improving content. This data is stored on the website’s own servers and is not shared with third parties.
  • Some technical data (e.g. IP addresses or form metadata) may be processed by Automattic Inc. (trading as WordPress.com) on servers located outside the UK/EU. These transfers are governed by Standard Contractual Clauses (SCCs) as approved under the GDPR.

 

I use a limited number of third-party plugins (e.g. for form handling, backups, or performance). These are selected and configured with attention to GDPR compliance and data minimisation principles.

5. Storage and Security

I take appropriate measures to protect the personal data I hold. These include:

  • Encrypted local storage (e.g. Proton Drive, password-protected folders)
  • Encrypted email services (via ProtonMail)

 

Please note:

Emails sent between ProtonMail addresses are end-to-end encrypted by default. However, if you use a non-ProtonMail service (such as Gmail or Outlook), your messages may not be encrypted in transit. If you prefer, I can send encrypted messages via ProtonMail’s secure message link, which requires a password to open.

Website contact form messages are transmitted over secure (HTTPS) connections and are not stored on the website long-term.

6. Cookies and Tracking

This site uses cookies to ensure core functionality, improve your experience, and support certain embedded content.

  • Necessary cookies – Always active, essential for the site to work (e.g. language preference, display features).

  • Non-essential cookies – Set only with your consent, such as those from YouTube when you play an embedded video.

  • Analytics – This site uses Independent Analytics, a privacy-focused, cookieless tool that does not collect personal data.

Cookies set by this site:

  • pll_language – Remembers the language you selected so it is used when you return to the site. Stored for 1 year.

  • wpEmojiSettingsSupports – Checks whether your browser supports emoji display. Stored until you close your browser.

  • YSC – Set by YouTube to track views of embedded videos. Stored until you close your browser. Only set if you play a video.

  • VISITOR_INFO1_LIVE – Set by YouTube to measure bandwidth and determine which video player interface to show. Stored for 6 months. Only set if you play a video.

  • VISITOR_PRIVACY_METADATA – Set by YouTube to store your YouTube cookie consent preferences. Stored for 6 months. Only set if you play a video.

You can manage or disable cookies at any time through your browser settings. For more details about cookies on WordPress.com-hosted websites, visit:

https://automattic.com/cookies/

7. Data Retention

  • Website enquiries: retained for up to 6 months
  • Therapy registration and client records: retained for 7 years after the end of therapy, in line with professional and legal standards

 

You may request deletion sooner where possible, unless there is a legal basis for continued storage.

8. Your Rights

Under the UK GDPR, you have the right to:

  • Access your data
  • Correct inaccuracies
  • Request deletion (subject to legal exceptions)
  • Restrict processing
  • Object to processing
  • Request data portability
  • Withdraw consent at any time


There is no automated decision-making or profiling involved in this website or in my practice.

To exercise these rights, please contact me at:
You may be asked to verify your identity before access is granted. If you are based in the EU, you may also lodge a complaint with your local data protection authority.

9. Complaints

If you are concerned about how your data is handled, you can contact the Information Commissioner’s Office (ICO) in the UK: https://ico.org.uk

If you are based in the EU, you may also contact your national supervisory authority: https://edpb.europa.eu/about-edpb/about-edpb/members_en