Resources

GDPR templates for counsellors

By Kiku

Stay GDPR compliant with Kiku

As therapists it's essential that we make sure we're running our services in accordance with GDPR to protect our clients' privacy. Finding industry specific guidance on this however, can be a challenge. 

Here, we've brought together all the tools you'll need to keep your data protection processes on point.

Create a Privacy Policy

In line with GDPR, your service will require a privacy policy that outlines 

What client data you hold

What you do with this data

How you keep it secure

What you do with it after therapy comes to an end

Add your policy to your website and / or send a copy to clients when they make their first booking.

Download our Privacy Policy template

Obtain client consent

When a new client joins your service you'll need to obtain their consent to store and process the personal data. 

As part of this process you'll need to make them aware of the information that you'll hold, how you'll store it and what their rights to this data are under GDPR.

When clients book in with you using your Kiku online booking system, we'll ask clients to give their consent at the point of booking, or you can send a e-consent request to your clients yourself directly from your Client Database.

Alternatively, if you'd prefer to take written consent you can use the template we have for you here.

Download an example Client Consent form

Do a data audit

To be fully GDPR compliant we have to a) know what client data we hold and b) be able to justify why we collect and store this data.

It's good practice to conduct a data audit to list the type of data your service collects, why, how it's stored and how long for. This will help you to get clear on what the data protection rules of your service should be and will serve as evidence of sound data protection practices, should this ever come under scrutiny.

Complete our data audit download to record the data you process, your reasons for doing so, how you store the data and how long for.

Download our Data Audit Template

Be SAR ready

Your clients have the right to request to view or amend the data that you hold on them, and to ask that you delete all data. When they make such a request under their GDPR this is termed a "Subject Access Request" or SAR.

It is good practice to ask clients to sign a Subject Access Request form that you'll keep for your records.

Download an example Subject Access Request form

Say goodbye to admin for 30 days, for free!

Start using Kiku for free today, no credit card needed and no strings attached. Simply choose your plan and find out how easy managing your practice can be.

Get started
This website uses cookies to ensure you get the best experience on our website.