When you trust us with your personal information, we take our responsibility to protect it very seriously. We respect your privacy and your rights to control your personal information. With that in mind, we want to be clear about the information we collect and why.
The main purpose of collecting your information is to provide you with the services offered on our website (our site), whether that’s using our site to find information, to contact a DBT therapist, to find out about training, advertise a job or for some other reason. No matter how you use our site, we want to help you to use it as effortlessly as possible.
We will not sell your personal information to third parties.
Please read this privacy notice carefully and make sure you understand it. You are considered to have accepted our privacy notice when you first use our site. If you do not agree with and accept it you must stop using our site immediately.
Our site may contain links to other websites that are not covered by this privacy notice. Also, this privacy notice does not apply to any contact between you and a DBT therapist displayed on our site. You should check the other party’s privacy notice to make sure you understand how they collect and use your information. We use service providers to gather and process comments received through our website. Under our contracts with those service providers, they must keep to data-protection regulations.
Where we have described any example scenarios in this notice, these are for guidance only. They are not actual and do not cover all scenarios.
On this page
- Who we are
- Our site
- The types of personal information we collect
- What we use your personal information for
- Where we store your personal information
- Providing your information to others
- Keeping your personal information
- Your rights
- Links to other sites
- Changes to this privacy notice
- How to contact us about this privacy notice
1. Who we are
We are the Society for DBT UK and Ireland. We are subject to UK and EU laws on privacy and data governance.
We are the data controller, which means that we are responsible for how personal information is gathered, stored and used.
We’re registered in the United Kingdom under company number 08239102, and our registered office and main trading address is: Second Floor, 2 Walsworth Road, Hitchin, Hertfordshire, SG4 9SP.
Our Data Compliance Manager is Carolyn Hinds (Membership Secretary). If you have any questions or concerns about your personal information, you can contact her at .
We are registered with the Information Commissioner’s Office (ICO) under registration number ZA784659.
2. Our site
If you provide your personal information when you visit or use our site, we (and any third party we use to process comments on our website) keep it private and store it securely until we no longer need it. We will only use it to provide the services you want from us.
We have tried to make sure the online forms you can use to send us emails or comments are safe and secure. However, it is not possible to guarantee that any email is secure, so if you email us, you do so at your own risk (meaning that you are responsible for the consequences of doing so).
We make sure that the personal information you provide is:
- used and stored in line with the appropriate privacy laws and regulations; and
- sufficiently protected by safety measures to make sure it cannot be seen or used by anyone who is not entitled to access it.
No information sent over the internet is completely secure. We will always do our best to protect your personal information as explained in this privacy notice, but we cannot guarantee the security of information you provide through our site.
3. The types of personal information we collect
We may collect the following personal information about you.
- Information you give us
We collect information you voluntarily provide through our site, , by email, , or in any other way. This includes information you provide when you contact a DBT therapist through our site, apply to be listed in, or are listed in, the directory, or when you report a problem with our site. The information you give us may include your name, address, email address and phone number. If you are a DBT therapist applying to be listed in our directory, you may also give us information about, for example, financial matters, qualifications, insurance and membership of professional bodies. If you are applying for accreditation you will need to provide us with information about your practice including recordings of your sessions. You may also provide us with documents, a personal description of yourself and a photograph. If we take any payments from you, we will do this securely through Stripe, which also performs its own security checks, and in line with industry standards.
Special category data (sensitive information)
When you provide information through our site, you are in control of the type and amount of information you provide. You may choose to provide information that may be classed as ‘special category data’. For example, you may choose to give a DBT therapist on our site information about your health to help them respond to your enquiry. Special category data includes information about your mental or physical health, your racial or ethnic background, your sex life or sexuality, your political opinions, trade-union memberships, or your religious or philosophical beliefs.
By using the forms on our site to contact a DBT therapist, share a personal experience, or send us any other information, you agree to us processing your information (including any special category data you have provided) as is necessary for the service you’ve requested (for example, emailing a copy of your enquiry to the DBT therapist you have chosen, or publishing your story on our site).
We will not be responsible for the type of information you voluntarily provide through our site. However, to make sure that we keep to the General Data Protection Regulation (EU) 2016/679 (GDPR) which the UK has agreed it will abide by as well (7/2021), we will ask you to tick a box on the appropriate form to confirm that we have your permission to process this information. We will only process the information if you have ticked the relevant box.
Please do not include sensitive information (such as details of your medical history) in any comment you post to our website.
Please do not send us any information about criminal convictions, offences or similar measures (criminal offence data) using any of our online forms, or include this information in any comments you make on our website.
Information we collect automatically
Whenever you visit our site we may automatically collect the following information.
- Technical information. For example, we may collect information about the type of device you use to visit our site, the internet protocol (IP) address used to connect your device to the internet, your log-in information, browser type and version, operating system and other technology on the devices you use to visit our site.
- Information about your visit, including what you click on, pages you view or search for, page response times, download errors, length of visit to certain pages, methods used to browse away from the page and any phone number used to call our membership services number.
- Information we receive from other sources
If you’re a DBT therapist applying to be listed in our directory, we may get information from, for example, the website of any professional body you are a member of. We would do this to help us approve your application more quickly.
- Analytics services
Analytics services track and report on the use of our website, including who uses it. They give us insights into how our customers use our products, which helps us to improve the service we offer. We may get information from analytics services (for example, Google Analytics and Facebook Pixel) to evaluate your use of our site, produce reports on things such as pages visited, time spent on pages, and clicks on our Facebook posts or links, and collect and evaluate other information relating to our site and use of the internet. The information we collect is anonymous.
We will make sure that all your personal information that we have is stored and used lawfully, in an open, honest and fair way, without removing or reducing your rights. We will only process your personal information if any of the following applies.
- You have given us permission to process your personal information for one or more specific purposes (for example, processing applications for membership or attendance at conferences or CPD events….).
- We need to process the information to enter into a contract with you or meet our obligations under a contract we have with you.
- We need to process the information to meet a legal requirement.
- We need to process the information to protect the vital interests of you or another person.
- Processing the information is in our legitimate interests or those of a third party who provides a service to us (for example, a company that processes card payments we take), unless these interests are outweighed by your basic rights. It is in our legitimate interests to process your personal information so that we can give you relevant information when appropriate, so that we can look at ways of establishing and improving our relationship with you. Our legitimate interests include using your information to analyse and improve our services and the content on our websites and apps, send you information about our services, and tell you about similar products and services that you might be interested in.
If, while visiting our site or using our services, you provide personal information about another person, you should make sure they know about this privacy notice and you have their permission to provide the information.
It may sometimes be appropriate for us to combine your personal information with other information we have about you, such as combining your name with the history of your relationship with us or where you live, work or visit.
If you fail to provide personal information
If you do not provide the personal information we ask for, you can still visit most areas of our site, but you may not be able to choose certain options and services.
In some cases, we may need to collect some personal information by law or under a contract, and you will be limited in the services you can use if you don’t provide personal information. For example, if you do not provide your personal information you will not be able to be listed in our directory. We will let you know how this will affect you at the time.
A few of the cookies used last only for the duration of your accessing the website and expire when you close your browser. Other cookies are used to remember you when you return to the site and will last for longer.
Most computer and some mobile web browsers automatically accept cookies but, if you prefer, you can change your browser settings to prevent that or to notify you each time a cookie is set. Please note however, that by blocking or deleting cookies you may not be able to take full advantage of the site.
To can find out more about cookies, please visit www.allaboutcookies.org.
Our cookies will be used for:
Essential session management
Creating a specific log-in session for the site user in order that the site remembers that a user is logged in and it helps with the delivery of pages.
Recognising when a user of the site has visited before allowing us to identify the number of unique users we receive to the site and make sure we have enough capacity for the number of users that we get;
Recognising if a visitor to the site is registered with us in any way;
We may also log information from your computer including the existence of cookies, your IP address and information about your browser program in order to allow us to diagnose problems, administer and track your usage of our site.
Customising elements of the layout and/or content of the pages of the site.
Performance and measurement
Collecting statistical information about how the site is being used to help with site improvement and learn which parts are most popular to users.
Details of the cookies we use are displayed below.
5. What we use your personal information for
We use your personal information to provide you with the products and services we offer. Below we have given some examples of how we may use your personal information.
Example 1: if you use our site to contact a DBT therapist
If you use our site to contact a DBT therapist, we only use the personal information you provide in the online contact form to email the professional. In this case we will not store your personal information for any longer than we need it to complete this process. We will not use it for any other purpose. We will send you a single email acknowledgement to confirm that your email has been sent.
The server our site is stored on records the IP addresses of people who visit our web pages for a short time, so we can monitor the performance of our site, but we will usually delete this information as soon as we no longer need it. We may also store information about you, such as your IP address or website activity, to record certain actions (for example, when you contact a DBT therapy professional listed on our site, we use Google Analytics and Facebook Pixel to record that you’ve successfully completed this action). We use this information to monitor and manage our site (such as evaluating how effective our advertising is).
Example 2: if you apply to be listed in, or are listed in, our directory
- are applying to be listed in the directory;
- are already listed in the directory; or
- sign up to the directory for updates;
we will use your personal information to manage our service to you and to communicate with you (for example, telling you about your account, new services available, security and other types of updates). Also, if you contact us in any way, we may use your personal information to improve our service or to communicate with you.
If you have used our services before, we will only email you about things similar to the service you previously used. If you are a new customer, we will only contact you if you agree to it. If you want to be contacted for marketing purposes, tick the relevant box that you will find on the screen when we collect your information.
We usually only need your permission to use your personal information if we are using it for marketing purposes. If you don’t want us to use your personal information for any particular purpose, let us know by emailing us at . We will delete your information. However, this will limit our ability to provide the best possible service to you, and some parts of our service may not be available to you as a result.
As we have already explained, with your permission (or where we are allowed by law) we may use your personal information for marketing purposes. This may lead to us phoning or emailing you to give you information, news and offers on our services. We will not do anything not covered by this privacy notice, and we will not send you any spam emails. We will take all reasonable steps to make sure that we fully protect your rights and meet our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended in 2004, 2011 and 2015.
6. Where we store your personal information
We may transfer your information, and store it, outside the[AGE2] European Economic Area (EEA). It may also be processed by staff outside the EEA who work for us or for one of our suppliers. These staff may be involved in, among other things, processing your payment details, providing support services such as email communications, and collecting and storing comments.
By providing your personal information, you agree to that information being transferred, stored and processed outside the EEA. We will take all steps reasonably necessary to make sure your information is kept secure and in line with this privacy notice. We will have controls in place, such as agreements containing appropriate clauses, to make sure that your information is protected to the same standard as if it were in the UK.
To protect your information we have put in place suitable physical, electronic and managerial procedures to protect information collected through our site. Only those employees, agents, contractors and other third parties who need your information for business purposes will have access to it. They will only process your personal information when we instruct them to, and they must keep the information confidential.
If we have given you (or you have chosen) a password to use to visit certain parts of our site, you must keep the password confidential. You should not share passwords with anyone.
We have procedures in place to deal with any situation where we suspect that the conditions in this privacy notice have not been met, and will tell you and any appropriate regulator if we need to do so by law.
7. Providing your information to others
We can give your personal information to others in the following circumstances.
- We can provide your personal information if we have to do so by law, or in order to protect other people’s property, safety or rights.
- We can provide your personal information in connection with legal proceedings.
Third parties or information publicly available
We contract suppliers to provide some services on our behalf. We use a variety of suppliers for services such as processing card payments, search engine facilities, email facilities, technical support, advertising and marketing. These suppliers may sometimes need access to some or all of your personal information.
We only share personal information the supplier needs to provide their services. If we need to share your personal information we will take all reasonable steps to make sure it is handled safely and securely, and always in line with the GDPR and relevant laws.
For questions about our suppliers, please email us at .
Contacting professionals listed on our site
When you fill in an online form to contact a DBT therapist listed in the directory, we need to give your personal information to the DBT therapist you have chosen so they can provide the service you’ve asked for. We do not use your personal information for any other purpose, and we will always do our best to protect your information as set out in this privacy notice.
8. Keeping your personal information
We will keep your personal information for as long as we need to in order to:
- allow you to use our site;
- provide services to you;
- keep to any relevant laws;
- settle disputes; and
- allow us to carry on our business.
We are committed to maintaining confidentiality when you contact a DBT therapist for help. For this reason, when you contact a listed DBT therapist using the email form linked from their profile, we will delete the information you typed into the form as soon as the form has been received by the therapist.
This privacy notice and our internal guidelines will apply to all the personal information we keep. We will also keep anonymous information for statistical and analytical purposes (for example, to understand how people use our site and services). If you have a question about how long we keep certain types of personal information, email us at .
9. Your rights
You can ask us not to use your information for marketing purposes. If you are listed in our directory, you can do this by updating the relevant settings in your ‘members’ area’, or by sending an email to . If you are not listed in our directory, again, contact our Membership Secretary at .
Under the GDPR, you have the right to control how your personal information is used and you can do the following.
- Ask us for a free copy of the personal information we hold about you.
- Ask us to correct any personal information that we hold about you or to make any changes to your personal information (for example, if your name or contact details have changed).
- Ask us to transfer your personal information to another person.
- Ask to be kept informed of what data processing is taking place.
- In certain situations, ask us to restrict how your information is processed, or object to your personal information being processed.
- certain situations, ask us to delete personal information we hold about you.
Sometimes we will not be able to stop using your personal information when you ask us to (for example, if we need to use it by law or to keep to any regulation).
We will tell you if we cannot do what you ask, or how your request might affect you, when you contact us.
If you have given us permission to use your personal information, you can withdraw that permission at any time. If we process your personal information because it is in our legitimate interest or the public interest, you can object to this at any time.
You are responsible for making sure that your personal information is complete, accurate and up to date. If any of your personal information changes or is incorrect, tell us as soon as reasonably possible by sending us an email at: . We will correct the information as soon as possible, but certainly within 30 days.
10. Links to other sites
This privacy notice (and any documents referred to in it) does not apply to other websites that you get to by clicking on a link on our site. We have no control over how your personal information is collected, stored or used by other websites. You should check the privacy policies of other websites before you provide personal information through them.
11. Changes to this privacy notice
If we change this privacy notice we will post the changes on this web page. We may also email details to you.
12. How to contact us about this privacy notice
Our Data Compliance Manager is in charge of answering questions about this privacy notice and dealing with your requests to exercise your rights set out in clause 9. You can write to Carolyn Hinds (SfDBT Data Compliance Manager) at Second Floor, 2 Walsworth Road, Hitchin, Hertfordshire, SG4 9SP. Or you can send an email to .
We are committed to working with you to settle any complaint or concern you may have about your personal information. If you have any concerns about how we are using (or have used) your personal information, first contact our Data Compliance Manager by emailing or writing to:
Carolyn Hinds (Membership Secretary and DCM), Second Floor, 2 Walsworth Road, Hitchin, Hertfordshire, SG4 9SP
If you are not happy with the way we have dealt with your complaint or concern, you can contact the Information Commissioner’s Office (ICO) in the following ways.
By visiting the website: https://ico.org.uk/global/contact-us/
By phone: 0303 123 1113
By textphone: 01625 545860