Ioana Ababei Expat Psychologist

Psychological Support & Counselling
EN & RO

Privacy Policy

Last updated: April 15, 2026

This Privacy Policy outlines how Ioana Ababei Psychologist collects, uses, discloses, and protects your personal information. I am committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR/AVG) and the guidelines of the Netherlands Institute of Psychologists (NIP).

1. Data Controller

Ioana Ababei is the Data Controller responsible for your personal data.

connect@ioanaababei.com
http://www.ioanaababei.com
KVK: 98643401 btw-id: NL005344683B32

2. Data Collected and Purpose

I collect data solely for communication, administration, invoicing, and professional record-keeping.

  • Identity Information: Name, date of birth, and address (for identification and legal invoicing).
  • Contact Information: Email address and phone number (for scheduling and communication).
  • Financial Information: Bank details and payment history (for processing payments).
  • Session Notes: Personal history and session outcomes (to maintain a professional overview of your progress).

3. Legal Basis for Processing

I process your data based on:

  • Contractual Necessity: To provide the counselling services you have requested.
  • Legal Obligation: To comply with Dutch tax laws (invoicing).
  • Consent: By engaging in sessions, you provide consent for the processing of your personal notes.

4. Data Sharing & Third-Party Processors

I do not sell or share your data with third parties for marketing. To run my practice, I use secure third-party processors who also comply with GDPR:

  • IT & Communication: Secure email and encrypted video calling platforms.
  • Financial: My banking institution for processing invoices.
  • Legal Requirement: Data is only shared with authorities if required by Dutch law or to prevent an immediate threat to life.

5. Confidentiality & Security

Professional Secrecy 

All information shared within the therapeutic relationship is treated with the highest level of professional secrecy. No information is shared with third parties without the client’s explicit written consent, except where disclosure is required by law or in cases of serious, immediate risk of harm.

Professional Quality (Intervision & Supervision) 

To ensure the highest quality of care and maintain professional standards, the psychologist participates in regular intervision (peer review) and supervision.

  • During these sessions, case reflections may be discussed with qualified peers who are also bound by strict professional secrecy.
  • Anonymisation: Any information shared is strictly anonymised. All identifying details (such as names, specific locations, or workplaces) are removed to ensure the client’s identity remains fully protected.

Safety & Mandatory Reporting 

In accordance with Dutch law and the NIP Code of Ethics, the psychologist may be required to break confidentiality if there is an imminent risk of harm to the client or others, or in cases involving the suspicion of child abuse. In such instances, only the minimum information necessary to ensure safety will be disclosed.

Data Collection & Storage (GDPR/AVG) 

The psychologist processes personal data and session notes in strict accordance with the General Data Protection Regulation.

  • Access Control: Access to client data is strictly limited to the psychologist and authorised secure processors (e.g., encrypted note-taking systems).
  • Secure Storage: All session notes and personal details are stored in encrypted, password-protected systems that comply with European and Dutch privacy standards.
  • Virtual Security: Online sessions are conducted via a protected digital environment utilising end-to-end encrypted video connections.
  • Email Communication: Correspondence is managed through a GDPR-compliant email provider utilising secure transmission protocols.

6. Data Retention

In line with professional standards for counselling and coaching, session notes are securely retained for 7 years following our last contact.

7. Your Rights

Under the GDPR, you have the following rights:

  • Access: You may request a copy of the data I hold about you.
  • Correction/Deletion: You may request that I correct inaccurate data or delete unnecessary data (within the limits of my legal retention obligations).
  • Withdrawal of Consent: You may withdraw your consent for data processing at any time.
  • Data Portability: You have the right to receive your data in a format that allows you to transfer it to another provider.

8. Cookies

My website uses functional cookies to ensure a smooth user experience. You can manage your cookie preferences through your browser settings.

9. Complaints

If you have concerns about how your data is handled, please contact me directly. You also have the right to lodge a complaint with the Dutch Data Protection Authority.

10. Updates

This policy is reviewed regularly. The latest version will always be available on my website.

Download PDF Version