I, Dr Pablo Sabucedo, am a chartered clinical psychologist in private practice. This policy explains how I handle your personal information in my professional practice.

What I collect

I may collect: your name, contact information, and other information you choose to provide when you get in touch; details about your enquiry and, if you begin therapy with me, information about your appointments, fees, and progress; health-related information you share during assessment or therapy; limited website usage data if you visit my site.

Why I use your data

I process personal information to: respond to enquiries; provide psychological assessment and therapy; manage appointments, records, and invoicing; meet my legal and regulatory obligations; communicate with you about your care; and, where applicable, send you information you have specifically agreed to receive.

‍Lawful bases I rely on

‍Contract (providing services or taking steps before providing services); legal obligation (for example, record keeping and tax); legitimate interests (for certain communications), for health-related information (article 9(2)(h) UK GDPR: provision of health or social care).

Special category data

I only process health information for the purposes of psychological assessment and therapy, under the lawful basis above. This information is kept strictly confidential.

How I collect your data

Most information comes directly from you (via forms, email, or in sessions). If relevant and with your consent, I may also receive information from your referrer, such as your GP or other health professional.

Sharing

‍I would only share information: with service providers who securely store or process data on my behalf (e.g., practice management, email, video consultation); with other health professionals involved in your care, but only with your explicit consent (unless there is a legal requirement or serious risk of harm); with regulators, insurers, or legal advisers when required by law. Some service providers may store data outside the UK. In these cases, I ensure appropriate safeguards are in place.

How long I keep your data

Normally, up to a year if you do not proceed to therapy, and up to 7 years after our last contact (longer if required by law) if you do so. Regarding my financial records, up to 6 years for tax purposes.

Your rights

You have the right to: request access to your data; ask for corrections; request deletion (where applicable); restrict or object to processing; request data portability, withdraw consent where it is the basis for processing. If you wish to exercise any of these rights, please contact me.

Security

I use appropriate technical and organisational measures to protect your information, including secure devices, encryption where available, and confidentiality agreements. If my website uses cookies, these are just used to improve the site. You can control cookies through your browser settings.

Updates

I may update this policy from time to time. The latest version will always be available on my website. It was last uptated on 08/08/2025.