Who we are
Our website address is: http://www.stablefocus.co.uk.
What personal data we collect and why we collect it
Under GDPR (2018) you have rights regarding your personal data; these include:
- The right to be informed about the data we hold and how it is used.
- The right to access your data if requested.
- The right to rectification of your data if you consider it incorrect.
- The right to erasure of your data – to be ‘forgotten’ by us through deletion.
- The right to restrict processing of your data.
- The right to data portability (i.e. to obtain a copy of your data to re-use with another service or organisation).
- The right to object to us using your data for a specific purpose.
- Rights to automised decision making and profiling.
If you have any questions or concerns about how we use your personal data then please contact firstname.lastname@example.org and we will do your best to address your enquiry. Note that all data is collected in compliance with the ICO Information Commissioner’s Office.
The type of data we collect
The following data is collected through our website via our contact form (see below) and through cookies:
- email address
- phone number
If you work with Stable Focus additional data will be collected depending on your involvement with us. At the time of data collection, your informed consent will be obtained. Data might include:
- email address
- date of birth
- past medical history where relevant (this will be openly discussed with you)
If you complete a contact form, you are providing some personal data including your email address and your name. We only keep your data for as long as we need it in order to respond to your enquiry and follow up and/or if you give permission for us to keep your details. During this time your data will be processed and stored securely in accordance with GDPR. We do not share your data with third parties and currently do not operate a mailing list.
How do we use your data
Your data might be used to get in touch with you if you have made an enquiry, or your data might be used differently if we have a contract with you or in order to carry out our professional role which might include individual or group work, or anonymised aggregate research. You will be informed on possible uses of your data when you provide consent for its use in order for us to comply with GDPR.
Your data might also be used in order to help us to run our website more efficiently, and understand activity on it better. This information is collected via cookies.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
There are various types of Cookies that are used for various reasons such as:
- analytics cookies – to help us to understand how you use our site and how efficiently you are able to navigate around it.
- targeting cookies – so that we know how often you visit our site and which pages you most frequently visit.
- functionality cookies – which help us to remember any saved preferences where preferences are given.
- persistent cookies – these stay on your site for a pre-determined amount of time and may be the result of another cookie.
- session cookies – these are temporary and will terminate when you close your browser.
Who we share your data with
We do not share your data with third parties if you visit our website.
If you come into contact with the services of Stable Focus we will use your data in different ways depending on the reason why it has been collected. We will only use your data in the way that is explicitly outlined to you and for which consent is obtained.
If your data is needed to be shared with a third party for clinical or professional reasons, such as with recruitment, you will be fully informed of this in advance.
If you complete an online assessment as part of your involvement with Stable Focus, your consent will be obtained. The online system that we use
How long we retain your data
Your data will be processed in accordance with the reason why it was collected. An enquiry might be processed within weeks and a follow up message sent before being deleted from our system after 24 months. Other data may be held for longer, such as clinical records for 8 years following completion of treatment or death in accordance with DPA 98 guidelines or longer for baseline assessment data that might be required in the event of Traumatic Brain Injury or Acquired Brain Injury, consent will be obtained for this and safe storage adhered to. Data that we have consent to use for research will be kept until it has been used for this purpose, consent will be obtained for this.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Data from contact form will be sent to our email address which will be directed to email@example.com.
How we protect your data
We only keep your data for as long as we need to in order for it to be used in the way that you have consented for its use.
Your data will be stored in the UK, the exception being if people are involved with Qinteractive online assessment system in which case your data will be securely held (see below).
Data will be encrypted using FileVault – a disk encryption program in OS X 10.3. A Fire Wall is set up on the computer to protect agains unauthorised access from external sources.
Analogue data will be kept safely in locked filing cabinet in locked office. There is restricted access to this data.
Qinteractive is an assessment platform used to assess aspects of psychology. If used the following apply – more information can be obtained through their site data security policy http://www.helloq.co.uk/overview/data-security.html.
- Q-interactive is run by Pearson. Pearson have a dedicated hosting facility in Toronto, Ontario, Canada. All data on Q-interactive is protected using encryption, physical security and administrative safeguards.
- Pearson’s hosting facility in Canada satisfies the security requirements of U.S., Canadian, European Union data privacy laws.
- Pearson security for data stored on Q-interactive complies with the Data Protection Act 1998, and in accordance with guidance on data protection from the Information Commissioner’s Office (ICO). The safeguards include  administrative safeguards (the use of passwords and encryption)  physical safeguards (encryption)  technical safeguards (encryption and use of SSL).
- Pearson will not use identifiable data for research. They may aggregate raw data in de-identified non-personally identifiable form for internal quality control, management, security and research to enhance and develop the testing process. De-identification of data means that the test responses can not be identified as belonging to an individual.
Informed consent will be required before Stable Focus uses qinteractive and the above detail will be discussed.
What data breach procedures we have in place
If you are concerned that your data has been breached, contact firstname.lastname@example.org immediately so that we can look into it. You are also able to report concerns to the ICO.
What automated decision making and/or profiling we do with user data
We only use profiling where this has been explicitly consented to in our assessment work with you. This will be described to you, consent obtained and a summary and or report and or feedback provided to you. This will be done by qualified persons only and in accordance with our regulating body the British Psychological Society.
Industry regulatory disclosure requirements
As a psychological service we will only disclose information that we have expressly told you about. This can particularly be for recruitment purposes or for clinical purposes when working with medical or allied health colleagues, or if we deem you or someone around you to be at risk.