top of page

Privacy Policy


Maria Irwin Counselling trading as QuestNI is committed to protecting and respecting your privacy.


This privacy notice explains when and why I collect personal information, how I use it and how I keep it secure. I do this in line with current General Data Protection Regulation legislation.


I understand that privacy and the security of your personal information is extremely important. This notice sets out the basis on which personal information is collected, or when you provide it, will be processed by me.


My Privacy Notice is subject to change. I can provide a full copy of my Privacy notice upon request in hard copy format or by PDF via email.

Who am I?

I am Maria Irwin Counselling trading as QuestNI. I am a sole trader. I offer counselling, group work, supervision and training services.

What information do I collect?

The personal information I collect includes your name, address, date of birth, contact number, email address, sensitive information about your mental and physical health and third party information such as GP details and emergency contact information.

How do I use personal information?

I use this information:

  • to provide a service to you

  • to collect feedback about the service

What legal basis do I have for processing your personal data?

In order to comply with data protection legislation, I include the legal basis which allows me to hold information. The law on information protection sets out a number of different bases on which any organisation may collect and process your personal information, including: 



In specific situations, I can collect and process your information with your explicit consent. When we first meet, I will take time to discuss the consent form and what I do with client data. I will offer you a copy of my full privacy policy.

Legal Obligation 

If the law requires, I need to collect and process your information.  I may also need to pass your information onto a third party if required by law. 

Public Interest

I need to hold some data only to be used when there is a concern about your or another person’s wellbeing.


Legitimate interest 

In specific situations, I require your information to pursue our legitimate interests in a way which might reasonably be expected as part of delivering my services.

Who has access to my personal information?

Only I have access to your personal data.

When do I share personal data?

I will only share personal data in the following circumstances:

  • When I believe it is in the public interest where there is a risk of harm to you or someone else. I will generally gain your consent and talk to you about this first.

  • When you disclose details about a serious crime, legally I must report this

  • When I receive consent in writing from you to pass on information to a third party and I believe you understand the consequences of disclosing this information

  • If I receive a court order, I have a legal obligation to pass on a copy of all my notes

Where do I store your personal data?

I keep paper information only except for anything sent by email. When you give me personal information, I take steps to ensure that it’s treated securely. Any confidential and sensitive information is securely stored.

How long do I keep your personal data?

I only hold information for as long as I need to or am legally required to. This will be a maximum of 7 years.

Your rights in relation to personal data

Your rights in relation to personal data

  • Access to personal information – You have the right to ask for a copy of the information that I hold about you. If you put this request in writing, I have 30 calendar days to comply. There is no charge.

  • Accuracy of data - The accuracy of your information is important to me. If any of your information that I hold is inaccurate or out of date, please notify me.

  • Object – you can object to how I store your information in the first case by contacting me by phone, in person or by email.

  • You can withdraw or manage your consent at any point, however without some information, I may not be able to provide a service.

Precautions in place to protect the loss, misuse or alteration of your information

Security precautions in place to protect the loss, misuse or alteration of your information

When you give me personal information, I take many steps to ensure that it’s treated securely. Any confidential and sensitive information is securely filed. I have appropriate procedures in place for data security and management of records. I have received training in data protection and GDPR.

How to contact me

Should you have any queries regarding any aspect of Data Protection, please contact me in person, by phone or through the contact page.

bottom of page