1. What information will we use?

Eden’s Promise CIC will collect and use any information about you that you provide. This information includes information following any enquiry or registration either as a client or counsellor. All personal information provided will be treated as private and confidential.

We promise we will never share your details with anyone else.

* Counsellors will need to bring photo ID and DBS when attending a school for the first time.

2. How will your information be used?

Eden’s Promise CIC will use the information you provide solely for the purposes of the service being delivered. You may choose not to provide the requested information but this may prevent you from accessing the appropriate service.

3. When we can use your information

We collect and use your information in the following situations:

where our use of your information is necessary for us to perform the service being provided to you.

where we believe it is necessary to use your information to comply with a legal obligation to which we are subject

we will rely on your consent to use your information for marketing to you by email

Where we rely on consent to use your information, you have the right to withdraw that consent at any time. You may do so by contacting the EDEN’S PROMISE CIC directly via email: hello@teaoftherapy.com 

4. The period for which we will keep your information

We will keep your information for as long as is necessary for us to fulfil the purposes that we describe in this policy. As a general rule, however, we will keep:

the information you provide when you register with the EDEN’S PROMISE CIC, together with any updates you make to that information for the duration of your contract.

for the duration of 7 years in keeping with the Record Keeping Guidelines detailed in the British Association for Counselling and Psychotherapy (BACP) Ethical Framework for the Counselling Professions

5. Who will we share your information with?

The EDEN’S PROMISE CIC will not sell, rent, trade or give away any users personal information or e-mail lists to third parties. We may share your information when required and only with your original hand-signed consent with:

any law enforcement agency, court, regulator, government authority or other third party where we believe this is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights or the rights of any third party 

6. Your choices and rights

You have a number of rights in relation to your information, and can make a number of choices about how we collect and use it. For example, you can decide not to receive marketing material from us. Note that some of the choices or changes you make may impact our ability to inform you of significant updates or forthcoming events.

You can contact us using the details below to:

request access to your information

ask that we update, complete or correct your information

ask that we erase or restrict our use of your information

request that we provide your information to you in a commonly used electronic format and to have that information transmitted directly to another organisation (this is known as the right to ‘data portabililty’)

object to EDEN’S PROMISE CIC using your information

 If you are concerned about how your information is used, please contact us at

Eden’s Promise CIC 74a High Street Wanstead, London, England, E11 2RJ

hello@teaoftherpay.com

​

Alternatively you have a right to complain about our use of your information to the Information Commissioner’s Office.

7. Who we are

We are Eden’s Promise CIC (EDEN’S PROMISE CIC), a company registered in England under number 09674918. Our registered office is at 74a High Street Wanstead, London, England, E11 2RJ. We are the Data Controller.

Website Privacy Policy

 1. Which forms do we use to collect data on our site?

We use the following forms:

• Join now

• Application

• Register / login form for Counsellors and Clients

2. What data are we collecting in these forms?

All data that has been collected will be stored in a personal portal that the client and counsellor will have access to.

Join now – Counsellor

Name

Address

Gender

Email

Password

Submit 

Terms and Conditions

The Counsellor portal will consist of the following information

My Profile

Application 

Applicant information

Education and Qualifications

Employment and Voluntary

References

Convictions and Safeguarding

Availability

Disclaimer

Supporting Statement

Supporting Documents

Photo ID

DBS

BACP membership details

Bank details

Account holder name

Account Number

Sort Code

Jobs and Timetable

Safeguarding and disclosure log

Supervision bookings

Sign in and out of premises

Message Centre

Join Now – Client

Name

Email

Company

Industry

Your role

Address

Telephone

Password

Register

Terms and Conditions

The Client portal will consist of:

Request form

Outline of what the company require from Eden’s Promise

Arrange a meeting

A date of meeting

Contract

Signed contract

Referral forms PDF file

Consent form PDF file

Invoice Details

Company Name

Email address

Sign in and out of premises

Message Centre

Both portals will only be accessible using an username and password.

3. Why are we collecting this data?

• All data is collected to confirm contracts and agreements but also used to verify payment options.

• Register / login form for Client and Counsellors– Username and password are stored in the site but are not used by EDEN’S PROMISE CIC. They exist only to enable Clients and Counsellors to log into the designated areas. EDEN’S PROMISE CIC has no access to the passwords set for these accounts.

4. Is this data relevant?

Only relevant data is collected.

5. How will we use this data?

The data collected will not be used for marketing purposes.

It will only be used as described in point 3. 

6. How will this data be stored?

All data gathered through the website will be stored as follows:

• In the website back-end. The website is stored on a shared server at Wix. (https://www.wix.com)

• All data gathered through the website is backed up on a daily basis using the

SafeNsound service. (www.safensound.ie.) Back-ups are kept on AWS (Amazon Web Services) servers. These servers are located in Dublin (Ireland).

7. Do we have adequate consent to collect, use and store this data?

• Counsellor portal – Consent is given when during the Join Now function of the website. Consent is also given at the end of the Application Form. Without consent the process of the application cannot be taken further.

Client portal – Consent is given during the signing of the contractual agreement. Consent and Referral forms are given to clients for them to retrieve this information from parents and guardians. 

8. How can a customer change/delete this data?

• Client and Counsellors can login to their portal

On logging in, the Client and Counsellor can delete their account. This will remove their username and password from the system.

• Any further data collections will be within the message centre. All enquiries will be logged in the message centre. The Client and Counsellor will always have access to this.

Data gathered through the contact us initial assessment and checkout forms. You can contact us using the details below to:

request access to your information

ask that we update, complete or correct your information

ask that we erase or restrict our use of your information

request that we provide your information to you in a commonly used electronic format and to have that information transmitted directly to another organisation (this is known as the right to ‘data portabililty’)

object to EDEN’S PROMISE CIC using your information

If you are concerned about how your information is used, please contact us at

Eden’s Promise 74a High Street Wanstead, London, England, E11 2RJ

hello@teaoftherapy.com

9. In case data needs changing, how long will this take.

• Student and counsellor login/registration

Data is deleted out of the website immediately on pressing the delete button.

Backups are kept 90 days. Therefore the data will be also deleted out of the backups after 91 days.

• Data gathered through other forms will be deleted within 30 days

Records of work will be kept for 7years on Eden’s Promise CIC files due to BACP standards

10. Where is the data stored?

All data gathered through the website will be stored in the website back-end. The website is stored on a shared server at Wix. (https://www.wix.com

11. Do we keep backups of data? Where are they stored?

All data gathered through the website is backed up on a daily basis using the SafeNsound service. (www.safensound.ie.) Backups are kept on AWS (Amazon Web Services) servers. These servers are located in Dublin (Ireland).

12. Where else do we store data?

Data is stored on a secure Dropbox account that only EDEN’S PROMISE CIC staff have access to. This data can also be deleted as described in points 8 and 9. Should I do this?

13. Who can access the data in the website?

Any persons that are the administrator of the website can access the data.

14. Who can access the backups?

Backups can be accessed by employees of BeMoore Web Services ltd through the SafeNsound service or by EDEN’S PROMISE LTD employees on request.

15. Can data be erased from the backups?

Data cannot be erased from the backups.

16. How long are backups kept?

Backups are taken twice daily and are kept for 90 days. Therefore any data contained in the backups will be automatically erased after 91 days.

17. How is the website protected from hacking and data breaches?

Security is provided by SafeNsound – www.safensound.ie

• Plugins, themes and files are updated on a daily basis.

• Security patches are applied as soon as they become available

• Strong password enforcement

• Daily scanning for vulnerabilities and security risks

• Comment and spam management

• Secure daily backups

• Secure user management

• Easyspace hosting service also provide security measures.

18. Who has access to the security settings on my site?

Any persons that are an administrator of the website can access the security settings.

19. Does our hosting provider have security measures in place to safeguard our data?

Secure web hosting is a standard feature of all Easyspace hosting packages.

20. Does our backup provider have security measures in place to safeguard our data?

Backups are kept on a secure AWS server. Security is in place.

21. What procedure do we have in place in the event of a data breach?

In the case of a personal data breach, the EDEN’S PROMISE CIC shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.

22. Who is most likely to find that data has been breached?

Breaches are most likely to be discovered by the SafeNsound service. Breaches can possibly also be discovered by customers who might be contacted through spam/unsolicited emails.

23. How will this person inform the relevant people in the organisation?

In the event of a breach being discovered by a SafeNsound employee, this employee will notify EDEN’S PROMISE CIC by email within 24 hours. If no reply is received, the SafeNsound employee will contact EDEN’S PROMISE CIC by phone.

24. Who will determine if the data breach needs to be reported to the Data Protection Commissioner (DPC)? Who is responsible for doing so?

The EDEN’S PROMISE CIC Board of Management

25. Who is responsible for contacting those who have been affected by the data breach?

The EDEN’S PROMISE CIC Board of Management

26. After a hack or data breach how will we review all security measures and update these where appropriate?

Any revision in security measures will be done by the SafeNsound team and discussed with EDEN’S PROMISE CIC.