Basecamp Cooperative Privacy Policy

Last updated: 22.11.2025

1. Introduction

This Privacy Policy explains how Basecamp Cooperative, a registered mutual cooperative (“we”, “us”, “our”), collects, uses and protects your personal data.

We provide:

  • Counselling services

  • Counselling training courses

  • Related administrative and support services

We are committed to maintaining the highest standards of confidentiality, professional ethics and data protection in accordance with the UK GDPR and Data Protection Act 2018.

If you have any questions, please contact:
Email: admin@basecamp-chepstow.co.uk
Address: Top Floor, St Maur,
Beaufort Square,
Chepstow NP16 5EP
Phone: 01291 621 636

2. Data Controller

For the purposes of UK data protection law, the data controller is:
Basecamp Cooperative

3. The data we collect

3.1 Personal information

  • Full name

  • Contact details (email, phone number, address)

  • Date of birth (if required)

  • Account or booking details

3.2 Counselling-related information

As part of providing counselling, we may collect and process special category data, including:

  • Information relating to mental health or emotional wellbeing

  • Information disclosed during assessments or sessions

  • Relevant background information voluntarily provided by you

We only collect this information with your explicit consent or another lawful basis permitted under UK GDPR.

3.3 Training course information

  • Enrolment details

  • Course progress

  • Assessment results

  • Tutor feedback

  • Attendance records

3.4 Technical data

  • IP address

  • Browser type/device type

  • Website usage data

  • Cookies (see Section 10)

3.5 Payment information

Payments are processed securely by third-party processors such as Stripe and PayPal.
We do not store full card details on our servers.

4. How we use your data

We may use your information to:

Counselling services

  • Provide counselling or psychotherapy

  • Manage appointments, assessments and clinical notes

  • Ensure continuity of care

  • Handle safeguarding concerns, where legally required

Training services

  • Enrol you on courses

  • Manage coursework, submissions and assessments

  • Provide student support

  • Issue certificates and maintain training records

General operations

  • Process payments

  • Communicate with you

  • Respond to enquiries

  • Maintain internal administrative records

  • Meet legal, regulatory and insurance obligations

  • Improve our services and website

We will never sell your data or use it for unrelated purposes.

5. Lawful bases for processing

We process your data under one or more of the following lawful bases:

  • Contract – to provide services you have requested

  • Legal obligation – safeguarding, insurance, record-keeping

  • Explicit consent – for counselling notes and special category data

  • Vital interests – where there is a risk of serious harm

  • Legitimate interests – business operations, service improvement

Where we rely on consent, you may withdraw it at any time.

6. How we store and share your data

We may share your data only with:

  • Counsellors or trainees involved in your care (where appropriate)

  • Supervisors/assessors (for training purposes)

  • IT service providers (hosting, email, cloud storage)

  • Booking systems (e.g., Amelia)

  • Payment processors (e.g., Stripe, PayPal)

  • Professional advisers

  • Regulators or authorities where legally required (e.g., safeguarding)

All third parties must comply with strict confidentiality and data protection obligations.

7. Counselling notes and confidentiality

Counselling notes are:

  • Stored securely

  • Kept separate from general administrative data

  • Accessible only to authorised practitioners

  • Not shared with third parties unless required by law (e.g., risk of harm, court order)

We follow the professional standards of BACP.

8. International data transfers

If any of our service providers store data outside the UK, we ensure appropriate safeguards are in place, such as:

  • Adequacy regulations

  • UK-approved Standard Contractual Clauses

  • Appropriate technical and organisational measures

9. Data retention

We retain data only as long as necessary:

  • Counselling records: typically 7 years after the end of services (or longer if required by professional or insurance standards)

  • Training records: typically 6 years or as required for accreditation

  • Financial records: 6 years (HMRC requirement)

  • Website analytics: short-term, anonymised where possible

After retention periods expire, data is securely deleted or anonymised.

10. Cookies

We use cookies to:

  • Enable essential website functions

  • Improve performance and user experience

  • Analyse website traffic

Non-essential cookies (such as analytics) will only be set with your consent.

11. Your rights

You have the right to:

  • Access your personal data

  • Request correction

  • Request deletion (where appropriate)

  • Restrict or object to processing

  • Request data portability

  • Withdraw consent

  • Complain to the ICO

To exercise your rights, contact us at admin@basecamp-chepstow.co.uk.

ICO website: https://ico.org.uk/

12. Children and vulnerable clients

We only collect data from children or vulnerable adults with appropriate consent and in line with our safeguarding policies.

13. Changes to this policy

We may update this Privacy Policy from time to time. The latest version will always appear on this page.