Privacy policy

This Privacy Policy outlines how we collect, store, and process your personal data at Lukas Dressler Psychology. We are committed to safeguarding your information in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other relevant legislation. 

Who We Are 

Lukas Dressler Psychology is a private practice based in the United Kingdom offering psychological assessment, therapy, and medico-legal expert witness services. We are registered with the Information Commissioner’s Office (ICO) under registration number ZA886885. 

If you have any questions about this policy or the way we process your data, you can contact: 

Data Controller: Lukas Dressler   
Email: hello@lukasdresslerpsychology.com   
Address: Address: SD CC&C Services t/a Lukas Dressler Psychology, Office 10 – Kingsway House, 134 Church Road, Hove, BN3 2DL, United Kingdom. Company Registration number: 13194498. 

What This Policy Covers 

This policy explains how we collect, use, and store personal information relating to: 

  • Therapy clients (self-funded or referred) 

  • Medico-legal claimants and instructing parties 

  • Website visitors and general enquirers 

  • Contractors and affiliates providing services 

It applies whether you are a current, former, or prospective client, or are involved with the practice in any other professional capacity. 

 

Visitors to the Website 

When someone visits www.lukasdresslerpsychology.com, a third-party service, Google Analytics, is used to collect standard internet log information and details of visitor behaviour patterns. This helps to understand how visitors interact with the website, such as the number of visits to different pages. The data collected is processed in a way that does not identify anyone. 

We do not attempt, nor do we allow Google to attempt, to find out the identities of those visiting the website. We rely on legitimate interests as the lawful basis for collecting and processing this information. 

We use Google Analytics to help improve the services we offer. You can read Google Analytics’ privacy notice here. We also use Squarespace as the content management system for the website. You can find out more about Squarespace and data protection here

Like most websites, cookies are used to help the site function efficiently. No user-specific data is collected by us or any third party. If you fill out a form on the website, your data may be temporarily stored by the web host before being forwarded to us. 

What Data We Collect 

We may collect and store: 

  • Full name, contact details (email, phone, address) 

  • Date of birth, gender, occupation, relationship/family details 

  • GP and emergency contact details 

  • Medical and psychological history 

  • Medications and diagnoses 

  • Referral letters, reports from other professionals 

  • Financial information (e.g. invoices, payments, insurance details) 

  • Legal case materials if you are a medico-legal claimant 

  • Communications sent to/from us, including emails and session notes 

 

Lawful Bases for Processing Your Data 

We process personal data under the following lawful bases: 

  • Contractual necessity: to provide psychological assessment or therapy services 

  • Legitimate interests: to maintain business records, manage appointments, or retain data for legal or medico-legal accountability 

  • Provision of health care or treatment: for processing special category data (e.g. health or mental health) 

  • Legal obligations: for compliance with court processes or insurance requirements 

  • Consent: where required, particularly in cases involving medico-legal data disclosure 

How We Use and Share Your Data 

Your data is kept confidential and is only used for its intended purpose. We may share information with: 

  • Your GP, referrer, or insurer (with your consent) 

  • Instructing parties in legal cases 

  • Emergency services, if we believe there is a serious risk to life or safety 

  • The police, courts, or safeguarding services, if legally required 

  • Other professionals involved in your care 

  • Outsourced service providers (e.g. transcription, dictation, secure cloud storage), under GDPR-compliant contracts 

We do not sell your data to third parties. 

Testimonials on Website 

All testimonials published on the website were provided voluntarily and without prompting. Each individual gave explicit consent to have their feedback displayed on the website. 

Medico-Legal Clients (Expert Witness Work) 

If you are a claimant referred for a court report or legal claim: 

  • We may receive your information via an instructing party (e.g. solicitor, agency) 

  • We may collect information on alleged offences, litigation history, psychological impact, and health status 

  • All information shared is limited to that necessary to produce a psychological report and is stored securely 

  • Disclosure of information in reports may be required by the court 

Data Security 

All records are stored electronically via WriteUpp™, a GDPR-compliant clinical management system, or securely in encrypted cloud storage. Staff and contractors are bound by confidentiality agreements and data protection protocols. 

Retention Periods 

  • Financial records: kept for 8 years for accounting and regulatory compliance 

  • Therapy and assessment records: retained for 8 years after treatment ends, or for 8 years after the 18th birthday if the client is a child 

  • Medico-legal reports: retained for 8 years, or in line with legal requirements or insurance policies 

Your Rights 

Under UK GDPR, you have the right to: 

  • Access the personal data we hold about you 

  • Request rectification of inaccurate data 

  • Request erasure of data ("the right to be forgotten") 

  • Restrict or object to processing 

  • Data portability (in some cases) 

  • Withdraw consent where applicable 

To exercise your rights, please contact the Data Controller. 

Data Breaches 

If a data breach occurs that may affect your rights or freedoms, we will notify you and the Information Commissioner's Office (ICO) within 72 hours in accordance with legal requirements. We have procedures in place to manage breaches and to review any systemic causes. 

International Transfers 

Our preference is to store data within the UK. Should any data be processed outside the UK or EEA, it will be under equivalent safeguards and GDPR-compliant contractual terms. 

Updates to This Policy 

This Privacy Policy may be updated periodically. The most recent version will always be available at www.lukasdresslerpsychology.com/privacy-policy. 

Complaints 

If you are concerned about the way we have handled your data, please contact us first. If you remain dissatisfied, you may contact the ICO: 

Information Commissioner's Office   
Website: https://ico.org.uk/concerns   
Phone: +44 (0)303 123 1113   
Email: casework@ico.org.uk