Privacy policy

Introduction

Your privacy matters deeply to me. As a counsellor and coach, I understand that you are sharing some of the most personal aspects of your life, and I take the responsibility of protecting that information seriously.

This privacy policy explains what personal information I collect, why I collect it, how I use and store it, and what your rights are. It applies to all interactions with Equalition, whether you are browsing my website, making an enquiry, or accessing counselling or coaching services.

I adhere to current UK data protection legislation, including the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003. I also follow the ethical standards set by the National Counselling and Psychotherapy Society (NCPS), to which I am registered, and align my practice with the BACP Ethical Framework for the Counselling Professions.

Who Is Responsible for Your Data

The ‘data controller’ is the term used to describe the person or organisation that determines how and why personal data is processed. In this case, the data controller is:

Marion Wadowski

Trading as Equalition

Based in Horsham, West Sussex

Website: www.equalition.com

Email: marion@equalition.com

Please feel free to contact me using the details above if you have any questions about this policy or about how I handle your personal information.

What Personal Information I Collect

The information I collect depends on how you interact with me. I have set out below the different stages at which I may collect your data.

When You Visit My Website

When you visit www.equalition.com, I may collect standard internet log information and details of visitor behaviour patterns through third-party analytics tools. This information is processed in a way that does not identify anyone. I do not make any attempt to find out the identities of those visiting my website.

My website may use cookies to help it function effectively. For details, please see the Cookies section of this policy.

When You Make an Enquiry

When you contact me to enquire about my services, I will collect the information you provide, which may include your name, email address, phone number, and a brief outline of what you are looking for. This helps me understand whether my services might be a good fit for you.

If you decide not to proceed with counselling or coaching, I will securely delete all your personal information within 30 days, unless you ask me to do so sooner.

When You Access Counselling or Coaching

If you become a client, I will collect additional information to support our work together. This may include:

Your full name, date of birth, and contact details
Emergency contact information
Information about your neurodivergence, diagnoses, or traits you identify with
Relevant medical or mental health history
Information about your family situation, including any neurodivergent children you may be supporting
Details about your GP (with your consent, and only where clinically relevant)
Session notes and records of our therapeutic work
Any correspondence between us (email, messaging)
Payment and invoicing information

Some of this information — particularly anything relating to your health, neurodivergence, or mental wellbeing — is classified as ‘special category’ data under UK GDPR and receives additional protection.

When You Subscribe to My Newsletter

If you sign up to receive my newsletter or other communications, I will collect your name and email address. You can unsubscribe at any time.

My Lawful Basis for Processing Your Data

UK GDPR requires that I have a lawful basis for processing your personal information. The basis I rely on depends on the stage of our relationship:

If you are making an enquiry

I process your data on the basis of legitimate interest (Article 6(1)(f) UK GDPR). My legitimate interest is to respond to your enquiry and provide you with information about my services.

If you are a current client

I process your personal data on the basis that it is necessary for the performance of our contract (Article 6(1)(b) UK GDPR) — that is, the counselling or coaching agreement between us.

For special category data (such as information about your health, neurodivergence, or mental wellbeing), the lawful basis is that processing is necessary for the provision of health treatment and is carried out under a contract with a health professional (Article 9(2)(h) UK GDPR, read with Schedule 1, Part 1, Paragraph 2 of the Data Protection Act 2018).

If counselling or coaching has ended

I retain your records after our work together has ended on the basis of legitimate interest (Article 6(1)(f) UK GDPR). This is to protect both your interests and mine — for example, if a complaint or legal claim arises, or if you return to counselling at a later date and it would be helpful to refer to previous records.

If you visit my website or subscribe to my newsletter

I process your data on the basis of legitimate interest for website analytics (to improve my services) and on the basis of consent for marketing communications such as newsletters.

Confidentiality

Everything you share with me in our sessions is confidential. This is fundamental to the therapeutic relationship and is central to the NCPS Code of Ethics and the BACP Ethical Framework.

There are very limited circumstances in which I may need to break confidentiality, and I would always try to discuss this with you first where possible. These circumstances include:

If I believe there is a serious risk of harm to you or to another person
If there is a safeguarding concern involving a child or a vulnerable adult
If I am required to do so by a court order or by law (for example, under the Terrorism Act 2000 or the Drug Trafficking Act 1994)
If required by my professional body (NCPS) as part of a formal complaint or conduct investigation

I bring my clinical work to regular professional supervision, which is a requirement of ethical practice. In supervision, I discuss the therapeutic process to ensure I am working safely and effectively. Client identities are protected through anonymisation — I do not share names or identifying details with my supervisor unless there is a safeguarding concern.

How I Store and Protect Your Data

I take the security of your personal information very seriously. All client data is stored securely using the following measures:

All electronic records are stored on encrypted, password-protected devices
Session notes are kept in a secure, encrypted digital system, separate from your contact details (a process called pseudonymisation)
Email and electronic communications are conducted through secure, encrypted channels where possible
Video sessions are conducted via a secure, end-to-end encrypted platform
Payment information is processed through a secure payment provider and I do not store your financial details directly
Any paper records (if applicable) are kept in a locked filing cabinet and destroyed securely when no longer needed

I do not store your data outside the UK unless a third-party tool I use (such as a video platform or email provider) processes data internationally. Where this is the case, I ensure appropriate safeguards are in place, such as standard contractual clauses or adequacy decisions recognised under UK GDPR.

How Long I Keep Your Data

I follow professional body guidance and data protection principles when deciding how long to retain your records:

Enquiry data (where you do not become a client): securely deleted within 30 days
Adult client records: retained for a minimum of 6 years after our last session, then securely destroyed. This aligns with the limitation period for legal claims and professional body guidance.
Client records for those under 18: retained until the client reaches the age of 25, or for 6 years after the last session, whichever is longer
Newsletter subscriber data: retained until you unsubscribe
Website analytics data: retained in accordance with the analytics provider’s policies, in anonymised form

If you would like me to delete your data sooner than these timeframes, please let me know. I will do so unless there is a legitimate reason to retain it (for example, an ongoing complaint or legal matter).

Records are pseudonymised where possible during the retention period. This means your identifying details (name, contact information) are kept separately from your session records and linked only by a reference code.

Third Parties Who May Receive Your Data

I may share limited personal data with the following third parties in the course of providing my services. Where I do so, I ensure appropriate data protection agreements are in place:

My professional supervisor (anonymised information only, unless a safeguarding concern applies)
My professional body (NCPS), if required as part of a complaint or conduct investigation
HMRC, for tax and accounting purposes (financial records only)
My professional indemnity insurance provider, if a claim is made
Secure technology providers that support my practice (for example, my video platform, booking system, email provider, or payment processor)
Any other party required by law, such as the police or courts

I will never sell your data or share it with any third party for marketing purposes.

Your Rights

Under UK GDPR, you have a number of rights regarding your personal data. These include the right to:

Access: request a copy of the personal information I hold about you
Rectification: ask me to correct any information that is inaccurate or incomplete
Erasure: ask me to delete your personal information (subject to any legal or professional obligations I have to retain it)
Restriction: ask me to limit how I use your information in certain circumstances
Data portability: request that I transfer your data to another provider in a commonly used format
Object: object to the processing of your data where I am relying on legitimate interest as my lawful basis
Withdraw consent: where I am relying on your consent, you may withdraw it at any time

To exercise any of these rights, please contact me using the details at the top of this policy. I will respond to your request within one month.

If you are unhappy with how I have handled your personal information, I would encourage you to speak with me first so that I can try to resolve your concern. If you remain dissatisfied, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

Website: ico.org.uk/make-a-complaint

Telephone: 0303 123 1113

Online Sessions and Digital Communications

As my practice operates entirely online, there are specific considerations around data protection in the digital environment:

Video sessions are conducted through a secure platform. I do not record sessions unless we have explicitly agreed to this in advance and you have given written consent.
I encourage you to access sessions from a private space where you feel comfortable and where your confidentiality can be maintained at your end.
Email communications may not always be fully encrypted. I will not include sensitive clinical information in emails unless we have agreed a secure method of communication. Where possible, I use encrypted email or secure messaging.
Text messages and instant messages are deleted from my devices within 7 days unless they contain information relevant to your care, in which case they are transferred to your secure client record.
If there is a technology failure during a session, I will attempt to reconnect. If this is not possible, I will contact you using an agreed method to reschedule.

Cookies

My website may use cookies — small text files placed on your device — to help the site function and to understand how visitors use it. These may include:

Essential cookies: necessary for the website to function properly (for example, remembering your cookie preferences)
Analytics cookies: used to understand how visitors interact with my website, helping me improve it. These do not identify individual visitors.

You can control and manage cookies through your browser settings. For more information about cookies and how to manage them, visit allaboutcookies.org.

Non-essential cookies will only be set with your consent.

Changes to This Policy

I will review this privacy policy annually and update it as needed to ensure it remains accurate and compliant with current legislation and professional standards. The date of the most recent update is shown at the top of this document.

If any significant changes are made, I will make reasonable efforts to inform current clients directly.

How to Contact Me or Raise a Concern

If you have any questions about this privacy policy or about how I handle your personal data, please do get in touch. I am always happy to discuss this with you.

Email: marion@equalition.com

Website: www.equalition.com

If you wish to raise a concern about my professional practice more broadly, you can contact the National Counselling and Psychotherapy Society (NCPS) at ncps.com.

Get in touch

How can we help you?

EMAIL ADDRESS

marion@equalition.com

Languages Spoken

English & French

Marion Wadowski is a member of the Association for Coaching and the NCPS. She is compliant with UK GDPR legislation and the NCPS & ICF Codes of Ethics. ICO: CSN7113817 © 2026 / Equalition / All rights reserved.

Equalition is not a crisis service, and I am not available outside of scheduled sessions.

If you are in immediate danger, please call 999 or go to your nearest A&E. If you need to talk to someone urgently, the Samaritans are available 24 hours a day, 7 days a week — free, confidential, and without judgement:

📞 116 123 (free, any time), ✉️ jo@samaritans.org

You can also text SHOUT to 85258 for free, confidential text-based crisis support.

If you're in a mental health crisis and unsure what to do, you can also contact your GP, call NHS 111, or find your local mental health crisis team through 111.

You matter. Please reach out to the right support — help is there.