Privacy Policy

Last updated: 28 August 2025

This Privacy Policy explains how we collect, use, store, and protect your personal data when you interact with our website and services.
We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and healthcare confidentiality standards.

1. Who We Are

This website is operated by AestheticCareLimited, an aesthetic clinic based in the United Kingdom.
Email: Info@aestheticcare.co.uk
Website: Aestheticcare.co.uk, Aestheticcare.uk

2. What Information We Collect

We may collect the following categories of personal data:

a) Personal Information
Name
Email address
Phone number
Date of birth

b) Medical & Health Information (Special Category Data)
Medical history
Treatment records
Consultation notes
Photographs (before & after, where consent is given)
Consent forms

c) Technical Information
IP address
Browser type
Device information
Usage data

3. How We Use Your Information

We use your data to:
Provide safe and appropriate treatments
Conduct consultations and assessments
Maintain accurate medical records
Contact you regarding appointments and aftercare
Process payments
Comply with medical, legal, and insurance obligations
Improve our services and website

4. Legal Basis for Processing

We process your personal data based on:
Consent – especially for medical data and marketing communications
Performance of a contract – providing treatments and services
Legal obligation – maintaining clinical and financial records
Legitimate interests – service improvement and business management
Medical information is processed under special category data rules, with enhanced safeguards.

5. How We Store and Protect Your Data

We implement strict technical and organisational security measures, including:
Secure digital record systems
Restricted staff access
Encrypted data storage
Secure backups
Your data is stored securely and only for as long as required by law and professional guidelines.
Medical records are typically retained for up to 8 years in line with healthcare regulations.

6. Sharing Your Information

We do not sell your data. We may share your data with:
Medical professionals involved in your care
Payment providers
IT and booking system providers
Regulatory bodies where legally required
All third parties are required to maintain strict confidentiality and data protection standards.

7. Your Data Protection Rights

You have the right to:
Access your data
Request correction
Request deletion (where legally possible)
Restrict processing
Data portability
Withdraw consent
To exercise your rights, contact us using the details above.

8. Cookies

We use cookies to improve functionality, performance, and user experience. You can manage cookie preferences through your browser settings.

9. Marketing Communications

We only send marketing communications if you have explicitly consented. You can opt out at any time using the unsubscribe link or by contacting us.

10. Changes to This Policy

We may update this Privacy Policy periodically. The latest version will always appear on this page.