What personal information do we collect?
We may process certain types of personal information including:
- Information such as your first name, maiden name, last name, marital status, date of birth and gender.
- Contact Information such as your home address, email address and telephone numbers.
- Financial Information such as your bank account and payment card details.
- Transaction Information like details about payments you made to us including time, location, transaction amount, payment method and cardholder details.
- Profile Information including purchases, preferences, feedback.
- Usage Information such as information about how you use our website, products and services.
- Marketing and Communications Information such as your preferences in receiving marketing communications from us.
Personal information means any information capable of identifying an individual. We may also process Aggregated Information from your personal information. This information does not reveal your identity and as such in itself is not personal information. For example we may want to work out the percentage of website users using a specific feature of our site.
In order to be able to provide the treatment you have requested and answer your questions we need to collect, what is considered, sensitive information about you. Where we are required to collect personal information and you do not provide us with that information when requested, we may not be able to perform the treatment.
Collecting information about you
We collect information about you through a variety of different methods including:
- Direct interactions: When you make an appointment for treatment or a consultation; subscribe to our newsletter; request information to be sent to you; and give us feedback.
- We may automatically collect information including, but without limitation, your IP address, operating system, browser type, identifiers for your computer or mobile device, your visit date and time and your visit behaviour.
- Third parties or publicly available sources: analytics providers such as Google based outside the EU.
Processing information about you
We will only use your personal information when we have a legal basis for processing it. The most common way we use your personal information are:
- Where we need to perform the contract between us.
- Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
Generally, we do not rely on consent as a legal ground for processing your personal information, other than in relation to sending marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by emailing us at firstname.lastname@example.org
You will receive marketing communications from us if you have:
- requested information from us or purchased goods or services from us;
- if you provided us with your details and requested that we send you marketing communications; and
- in each case, you have not opted out of receiving that marketing.
Using your personal information
We may have to share your personal information with the parties set out below for the purposes set out in paragraph 3 above:
- Service providers who provide IT and system administration services.
- Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
- HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances.
- Third parties to whom we may sell, transfer, or merge parts of our business or our assets.
Transferring information internationally
We have appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We limit access to your personal information to those employees, contractors and other third parties who have a business need to know such information. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. All our payments are secured using Secure Socket Layer (“SSL”) technology with high security encryption.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Information) for seven years after they cease being customers for tax purposes.
Notwithstanding the above, you have the right to request the deletion of your data. Depending on the services that have been undertaken we may be required to hold certain data for seven years from the date of request of deletion of data, for legal purposes.
The cookies will never enable us to access any other information about you on your computer, mobile device or any other device other than the information you choose to share with us.
Your legal rights
You have a number of rights about how the personal information you provide can be used. These are:
- Transparency over how we use your personal information (right to be informed).
- The ability to request a copy of the information we hold about you, which will be provided to you within one month (right of access).
- Update or amend the information we hold about you if it is wrong (right of rectification).
- Ask us to stop using your information (right to restrict processing).
- Ask us to remove your personal information from our records (right to be ‘forgotten’).
- Object to the processing of your information for marketing purposes (right to object).
- Obtain and reuse your personal information for your own purposes (right to data portability).
- Not be subject to a decision when it is based on automated processing (automated decision making and profiling).
If you are not satisfied, you have the right to lodge a complaint with the relevant data protection authority the Information Commissioner’s Office
We will cooperate fully with any such investigation and endeavor to satisfy all queries as fully as possible. If you wish to exercise any of the rights set out above, please email us at email@example.com
You will not have to pay a fee to access your personal information. However, we may charge a fee if your request is unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
Our full contact details are:
07852 700 481
1-7 Harley Street