Who we are:
  • The Owl Centre Ltd is registered with Companies House (no. 07880303).
  • The Owl Centre delivers independent therapy services to children at our clinics, in their homes, or in their educational settings.
  • The Owl Centre is directed by Rhodri Lathey, John Lathey, Nicola Lathey, and Philip Lathey.
  • The Owl Centre’s website is www.theowltherapycentre.co.uk
The Owl Centre is committed to protecting the privacy of information provided by clients.
Collection of personal information
We may collect personal information from you when you interact with our private healthcare services, including but not limited to:
  • Contact and identification details (e.g., name, address, phone number, email address, date of birth)
  • Health and medical information (e.g., medical history, test results, diagnoses, treatment plans)
  • Financial and billing information (e.g., insurance details, payment information)
  • Employment details (e.g., CV, employment history)
  • Other information relevant to the provision of our services
Information about the patients will be collected via spoken or written media from patients themselves, or their referrers. A referrer could be, but not limited to; parent/carer, education or work setting or NHS Trust.
With consent, information may also be collected from other professionals working with the patient.
Information may also be taken about family members where this relates to the patient - e.g. contact details for parents and any relevant medical / developmental history.
You may use the Owl Centre website without providing any personal information, but if you wish to make an enquiry or contact us via the website or by email, you are requested to provide relevant contact details such as your name, email address and contact phone number to enable us to respond to your enquiry.
Making an Enquiry or Booking
You may add comments or queries which might also contain personal information.
If your enquiry does not result in the patient being seen by The Owl Centre, we will remove identifiable information and retain anonymised information for up to one year. This is to improve the Services The Owl Centre offers.
If the patient is subsequently seen by The Owl Centre, details from the enquiry will be added to their personal health records.
Our website contains links to other internet sites that are outside our control and are not covered by this privacy policy. We are not responsible for any data that you provided through any such websites.
Our use of personal information
1. Personal information collected by us via the Owl Centre’s website, email, telephone, online, or face-to-face is stored and used by us for the purpose of delivering appointments.
2. Any sensitive personal details are stored in a secure and confidential system called the Nest and processed in confidence by The Owl Centre.
3. Personal details shall be used for the purpose of delivering appropriate therapy service to the patient. With consent, information about the patient’s needs will be shared with other professionals involved in the patient’s care when it is in the patient’s best interests.
4. A record of the patient’s consent, or parental consent is kept within the patient's case notes.
5. Unless we are required to do so by law, we will not disclose any personal information collected to any person other than as set out above.
6. The Owl Centre may use an external printing and mailing company if paper versions of reports or documents are requested. Patients can request more information about this should the service be required.
7. The Owl Centre does not give or sell client details to any third party
8. The Owl Centre uses a third-party software company for IT Development. All third-party staff abide by the same data protection standards as The Owl Centre staff.
How we use personal information
The Owl Centre uses personal information:
To prepare, plan, and provide appointments appropriate to the patient's need.
To communicate with the client by post, email, telephone or text message in relation to:
  • Confirming and preparing for appointments
  • General communication in between appointments
  • Sending you reports and programmes for the patient
  • Copying the client into communications with other professionals about the patient
  • Sending resources
  • Sending invoices
  • For clinical audit to assess and improve The Owl Centre’s service. Results of audits are always presented with all client identities removed.
  • For management and administration – for example, surnames of clients are included in our password-protected database.
  • Whenever personal identifiers are not needed for these tasks, The Owl Centre removes them from the information it uses, if possible.
How we store personal information
All information about the client, the patient, and their therapy is stored securely in a password-protected, encrypted folder on The Owl Centre’s and the therapists’ computers in order to ensure that we have a complete record of our service to them.
Any paper-based, confidential information (such as assessments and case notes) are stored securely in accordance with data protection regulations.
Videos may be taken with consent. These are temporarily stored on a password-protected, encrypted cloud system. These may then be viewed by the therapist to make notes in the client’s records or carry out a video-based intervention. The video is then deleted.
Most records are kept electronically. Where paper information is required, the minimum amount of confidential information will be taken out of the therapist’s office base. When taken out of that base, it will be kept with the therapist or will be locked in the boot of their car, whichever is deemed to be more secure at the time.
In accordance with law, all records will be kept securely until a child is 26 years old or for 8 years after an adult patient has been discharged. After this time, all records relating to the patient will be securely destroyed.
Non-clinical email correspondence and invoices will be deleted from The Owl Centre’s systems after 6 years.
All records relating to NHS contract patients are kept only on the Nest and not in paper form. They are not stored off site.
Comprehensive Patient Records
At The Owl Centre, we maintain comprehensive patient records that link all interactions a patient has with us. This means that if you are referred to us through multiple routes, such as self-referral for private sessions, referral via the NHS, or workplace referrals, all relevant information will be consolidated into one unified patient record.
The purpose of maintaining comprehensive patient records is to ensure the safety and completeness of the medical information we hold. By linking all interactions and healthcare services provided to a patient, we can facilitate seamless continuity of care and enable all clinicians involved in the patient's treatment to have access to a comprehensive overview of the patient's medical history and prior interactions with us.
It is important to note that the sharing of information among our healthcare professionals is strictly conducted on a need-to-know basis and in accordance with applicable privacy laws and regulations. Only authorised staff directly involved in the patient's care or record management will have access to the comprehensive patient records. We maintain strict confidentiality and employ appropriate security measures to protect the privacy and integrity of these records.
We understand the importance of respecting patient privacy and will always handle patient information with the utmost care and discretion. If you have any concerns regarding the consolidation of your records or the access provided to healthcare professionals, please do not hesitate to contact us using the details provided in this Privacy Policy.
Data Subjects
The Owl Centre may collect identifiable or sensitive data on:
  • Clients,
  • Next of kin,
  • Employees,
  • Freelancers,
  • Job applicants,
  • Students & volunteers
Disclosure of Personal Information
  • We may disclose your personal information to the following parties:
  • Healthcare professionals, providers, and practitioners involved in your care and treatment
  • NHS or other public health services for referrals, consultations, and coordination of care
  • Other referrers, such as education settings and workplaces
  • Third-party service providers who assist us in providing our services (e.g., IT support, payment processors)
  • Regulatory bodies, government authorities, or law enforcement agencies as required by law or to protect our legal rights
  • Other parties with your consent or as permitted by applicable laws
When disclosing personal information to third parties, we take reasonable measures to ensure that they handle your information securely and in accordance with applicable privacy laws.
Data outside of the UK
Data is only transferred outside of the UK with appropriate safeguards, always following the same safeguards as inside the UK. This may include, for example, freelancers, employees, or directors who are mobile working from a different location than the UK. It may also include clients who are based outside of the UK. The Owl Centre has a password policy which includes Two Factor Authentication login to the secure system.
Breach procedure
If any confidential data is lost, damaged or inappropriately accessed, The Owl Centre follows a breach procedure.
1. The Owl Centre therapist notifies the involved staff member or Head of Compliance and fills out an incident form on the Nest
2. The Owl Centre completes the ICO self-assessment flow chart and seeks advice from the ICO about how to act if required
3. The Head of Compliance completes an internal investigation and makes recommendations about any required changes to processes or policies.
3. The Owl Centre might contact the data subject if advised to do so.
Meeting professional obligations
All staff, including non-clinical and therapy support staff carry out training in data protection annually.
It is a legal requirement for all our Clinicians to be registered with their appropriate board, for example, the Health and Care Professionals Council (HCPC) the Nursing and Midwifery Council or the General Medical Council for example.
Each board has a regulation around data protection. For example, the HCPC states:
  • Standard 2: Communicate appropriately and effectively
“You must share relevant information where appropriate with colleagues involved in the care, treatment, or other services provided to a service user.”
  • Standard 10: Keep records of your work
“You must keep full, clear, and accurate records for everyone you care for, treat, or provide services to. You must complete all records promptly and as soon as possible after providing care, treatment or other services. You must keep records secure by protecting them from loss, damage or inappropriate access.”
UK data protection law
Data Protection Law lays down wide-ranging rules backed up by criminal sanctions for the processing of information about identifiable, living individuals. It also gives individuals certain rights in relation to personal data held about them by others. The Owl Centre is registered with the Information Commissioner’s Office (ICO) as a data controller.
Our lawful basis for processing personal information
1. Our lawful basis for processing and storing personal information is one of “legitimate interest” (under article 6 of GDPR). The Owl Centre cannot adequately deliver a service without processing their personal information. As it is both a necessity for our service delivery and of benefit to the patient, we have a legitimate interest to process and store their data.
2. Data relating to an individual’s health is classified as “special category data” under Article 9 of UK GDPR. Our lawful basis for processing and storing personal information is one of "provision of health and social care or treatment" (under Article 9 of UK GDPR). The regulations specify that health professionals processing the data under this lawful basis are “legally bound to professional secrecy”. The Owl Centre therapists are legally bound to keep client information confidential.
Our responsibilities
The Owl Centre is committed to maintaining the security and confidentiality of the patient's record. We actively implement security measures to ensure that their information is safe, and we audit these regularly.
The Owl Centre will not release personal details to any third party without first seeking consent unless this is allowed for, or required, by law.
The Owl Centre is constantly working to ensure compliance with current data protection regulations.
Your rights
Data protection legislation gives the client various rights, the most of important of which are as follows:
  • You have the right to a copy of the information that we hold about the patient.
  • Third party information will be redacted from Subject Access Requests. The Owl Centre may also get consent from a child if they are deemed to be Gillick Competent before sharing their records with a person with parental responsibility.
  • You have the right to ask for your record to be amended if you believe that it is wrong.
  • You have the right to make a complaint to the Information Commissioner’s Office (ICO) if you believe we have breached your data rights
How to access the patient's records (Subject Access Request)
You can access the information The Owl Centre holds about you or your child. You may do this verbally on in writing / email.
A copy of the patient's records is provided free of charge unless it is a large request, in which case a small admin fee will be charged. Postage costs, however, will be incurred if the records need to be, or are asked to be, sent by post.
The Owl Centre will provide access to the patient's records within 30 days of confirmation of the requesters ID and rights to access the information. If the request is particularly large or complex, this may be extended to 60 days.
If you have any questions about how The Owl Centre uses your information, please contact us at [email protected]
Further information about data protection legislation and your rights is available from the Information Commissioner’s Office.