1. Information We Collect
Personal Information: Name, address, phone number, email address, date of birth, and emergency contact details.
Health Information: Medical history, current medications, allergies, skin conditions, treatment preferences, and consultation notes.
Payment Information: Credit/debit card details for booking deposits and treatment payments (processed securely through our payment providers).
Communication Records: Appointment confirmations, treatment reminders, and correspondence with our clinic.
2. How We Use Your Information
• To provide safe and effective treatments tailored to your needs
• To schedule and manage your appointments
• To process payments and maintain financial records
• To send appointment reminders and aftercare instructions
• To maintain accurate treatment records for continuity of care
• To comply with professional and legal obligations
• To improve our services and client experience
3. Legal Basis for Processing
Consent: You provide explicit consent for us to process your personal and health data for treatment purposes.
Contract: Processing is necessary to fulfill our service agreement with you.
Legal Obligation: We may need to process data to comply with healthcare regulations and professional standards.
Legitimate Interest: For business administration, appointment management, and service improvement.
4. Data Sharing and Disclosure
We do not sell, rent, or share your personal information with third parties except:
• With your explicit consent
• When required by law or legal process
• To protect the safety and rights of our clients and staff
• With trusted service providers (payment processors, appointment systems) who are bound by confidentiality agreements
• In case of medical emergency, with relevant healthcare professionals
5. Data Security
We implement appropriate technical and organizational measures to protect your data:
• Secure, encrypted storage of digital records
• Access controls limiting staff access to necessary information only
• Regular security assessments and updates
• Secure disposal of physical and digital records when no longer needed
• Training on data protection and confidentiality
6. Data Retention
We retain your personal data for as long as necessary to:
• Provide ongoing care and treatment
• Meet professional and legal obligations (typically 5 years for health records)
• Handle any potential claims or disputes
After this period, data is securely destroyed unless you request otherwise or legal requirements mandate longer retention.
7. Your Rights
Under GDPR, you have the right to:
• Access: Request copies of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data (subject to legal obligations)
• Portability: Receive your data in a structured, machine-readable format
• Restriction: Limit how we process your data
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time (may affect our ability to provide services)
8. Cookies and Website Data
Our website may use cookies to:
• Improve website functionality and user experience
• Remember your preferences
• Analyze website usage (anonymized data)
You can control cookie settings through your browser preferences.
9. Marketing Communications
With your consent, we may send you:
• Treatment recommendations and wellness tips
• Information about new services and special offers
• Seasonal wellness advice and clinic updates
You can unsubscribe from marketing communications at any time using the unsubscribe link in emails or by contacting us directly.
10. Contact Information
For any privacy-related questions, concerns, or to exercise your rights, please contact us:
• Email: jess@jessicabower.co.uk