top of page

Privacy Notice

Amy Harley Occupational Therapist (data controller – ICO)

Keyworth Notts NG12 5RN

07305 006055

The law

The GDPR states that I must have a lawful basis for processing your personal data. There are different lawful bases depending on the stage at which I am processing your data. The lawful bases for processing your data fall under contractual and consent.

If you have had therapy with me and it has now ended, I will use legitimate interest as my lawful basis for holding and using your personal information. If you are currently having therapy or if you are in contact with me to consider therapy, I will process your personal data where it is necessary for the performance of our agreement. The GDPR also makes sure that I look after any sensitive personal information that you may disclose to me appropriately. This type of information is called ‘special category personal information’. The lawful basis for me processing any special categories of personal information is that it is for provision of health treatment (in this case occupational therapy) and necessary for an agreement with a health professional – in this case between me and you. In this case, special category data will include health information, results of treatment and treatment plans.

How I use your information

Initial contact – When you contact me with an enquiry about my occupational therapy services, I will collect information (standard personal data) to help me satisfy your enquiry. This will include name, address, email address, phone number, date of birth, GP details. If you decide not to proceed, I will ensure that all your personal data is deleted within 4 weeks. If you would like me to delete this information sooner, just let me know.

While you are accessing occupational therapy – I will keep a written record of each session. This includes health information, treatment progress and treatment plans. Records are kept as a password protected document in encrypted I.T. cloud storage or as a paper record in a locked filing cabinet. This information is held in order to deliver occupational therapy services to you.

Rest assured that everything you discuss with me is confidential. That confidentiality will only be broken if I have your explicit permission, if the law allows, if it is to protect the public from harm or if it is in your best interests. I will always try to speak to you about this first, unless there are safeguarding issues that prevent this.

For security reasons I do not retain text messages for more than 2 weeks. If there is relevant information in a text message, I will transfer it to your written record. My email account is password protected with 2 factor authentication and only relevant emails are stored for the duration of your treatment. After this time, email correspondence will be transferred to your written records.

After occupational therapy has ended your written records will be kept securely for 7 years as per law. After this time the records will be securely destroyed. If I need to share your personal data for any reason you will be asked for consent.

Your rights

I try to be as open as I can in terms of giving people access to their personal information. You have a right to ask me to delete your personal data, to limit how I use your personal data or to stop processing your personal data. You also have a right to ask for a copy of any information that I hold about you and to object to the use of your personal data in some circumstances. You can read more about your rights at

If I do hold information about you I will:

Give you a description of it and where it came from; tell you why I am holding it, tell you how long I will store it for and how I made the decision; tell you who it could be disclosed to; let you have a copy of the information in an intelligible form.

You may ask me to correct any mistakes there may be in your personal information I hold about you.

To make a request for any personal information I may hold about you, please contact Amy Harley at You are not required to pay any charge and I have one month to respond to you. If you have any complaint about how I handle your personal information you can contact me or the ICO which is the statutory body that oversees data protection law in the UK. 0303 123 1113. Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Data Security

I take the security of the data I hold about you very seriously and as such take every effort to make sure it is kept secure. I use encrypted devices (PC, laptop and phone) and Microsoft cloud storage, an encrypted email provider (Gmail), a secure video conferencing platform (Zoom) and a locked filing cabinet. I am confident that your data is being stored in a safe and legitimate way.

Website and Cookies

My website is hosted by Wixsite. I personally do not access any standard internet log information or details of visitor behaviour patterns. Like most websites, uses cookies to help the site work more efficiently – find out more about cookies at

This is the Cookie Policy for amyharleyot, accessible from

What Are Cookies

As is common practice with almost all professional websites this site uses cookies, which are tiny files that are downloaded to your computer, to improve your experience. This page describes what information they gather, how we use it and why we sometimes need to store these cookies. We will also share how you can prevent these cookies from being stored however this may downgrade or 'break' certain elements of the sites functionality.

How We Use Cookies

We use cookies for a variety of reasons detailed below. Unfortunately in most cases there are no industry standard options for disabling cookies without completely disabling the functionality and features they add to this site. It is recommended that you leave on all cookies if you are not sure whether you need them or not in case they are used to provide a service that you use.

Disabling Cookies

You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of the this site. Therefore it is recommended that you do not disable cookies. This Cookies Policy was created with the help of the Cookies Policy Generator from Additional information has been added.

The Cookies We Set

  • Site preferences cookies

In order to provide you with a great experience on this site we provide the functionality to set your preferences for how this site runs when you use it. In order to remember your preferences we need to set cookies so that this information can be called whenever you interact with a page is affected by your preferences.

See list at end of policy.


  • Third Party Cookies

In some special cases we also use cookies provided by trusted third parties. The following section details which third party cookies you might encounter through this site.

  • This site uses Google Analytics which is one of the most widespread and trusted analytics solution on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content.

For more information on Google Analytics cookies, see the official Google Analytics page.

More Information

Hopefully that has clarified things for you and as was previously mentioned if there is something that you aren't sure whether you need or not it's usually safer to leave cookies enabled in case it does interact with one of the features you use on our site.

For more general information on cookies, please read "Cookies" article from the Privacy Policy Generator.

Types of Cookies

In general, the cookies which are initially placed on the Wix website may be categorized as essential cookies.

Take a look at the table below to see which cookies are placed on Wix sites:

Cookie Name, Purpose, Duration, Cookie Type


Used for security reasons




Used for security reasons




Used in connection with user login

2 years



Used to indicate the system from which the site was rendered

1 minute



Used for system monitoring/debugging

3 months



Used for system monitoring/debugging




Used for cookie banner parameters

12 months



Used to identify logged in site members




Used for security and anti-fraud reasons




Used for system effectiveness measurement

30 minutes



Used for stability/effectiveness measurement

12 months



Used on multilingual websites to save user language preference

12 months



The following links explain how to access cookie settings in various browsers:

To opt out of being tracked by Google Analytics across all websites, visit this link:

bottom of page