Privacy Policy

Effective Date: January 1st, 2024

At Bespoke Aesthetics, we are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal data when you visit our website or use our services. We adhere to the UK General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Who We Are

Bespoke Aesthetics (referred to as "we," "us," or "our") is a premium aesthetics clinic based in the UK. Our website address is: [Insert Website Address]. We act as the data controller when processing your personal data in relation to our services.

If you have any questions regarding this Privacy Policy, please contact us at:

Bespoke Aesthetics
bespokeaesthetics@outlook.com

2. What Data We Collect

We may collect and process the following types of personal data:

  • Contact Information: Name, email address, phone number, and any additional details provided when you book appointments or contact us directly.

  • Medical Information: Relevant health and treatment history provided during consultations or service bookings (where necessary and with your explicit consent).

  • Technical Data: IP address, browser type, device information, and data about how you interact with our website (e.g., cookies, usage data).

  • Transaction Data: Billing information, including payment details and history.

  • Marketing Preferences: Your preferences for receiving updates, offers, and other communications.

3. How We Collect Your Data

We collect your data through the following methods:

  • Direct Interaction: When you provide personal details during appointments, consultations, or through forms on our website.

  • Automated Technologies: Data collected automatically as you navigate our website (e.g., cookies, server logs).

  • Third Parties: We may receive personal data from third-party tools like payment processors or analytics services.

4. How We Use Your Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data for the following purposes:

  • To Provide Services: We use your data to schedule appointments, deliver treatments, and offer consultations.

  • To Manage Payments: Your data is used to process payments and issue invoices or receipts.

  • For Marketing Purposes: With your consent, we may send you updates, offers, and information about new treatments or services.

  • To Improve Our Services: We analyze data to enhance your experience and ensure our services meet your expectations.

  • To Comply with Legal Obligations: Your data may be used for regulatory or tax reporting purposes where required.

5. Legal Basis for Processing Your Data

Under GDPR, we rely on the following lawful bases for processing your personal data:

  • Consent: For marketing communications or the processing of medical data related to your treatments.

  • Contractual Obligation: When processing is necessary to deliver services or manage bookings.

  • Legal Obligation: To comply with regulatory requirements or legal standards.

  • Legitimate Interests: For improving our services and maintaining customer relationships (e.g., sending appointment reminders).

6. Cookies

We use cookies to enhance your website experience and gather information about usage. You can manage your cookie preferences through your browser settings. Note that disabling cookies may affect functionality.

For more details, refer to our Cookie Policy.

7. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes outlined in this policy, including meeting legal or regulatory requirements. Medical records are retained in line with UK legal requirements.

8. Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access: You can request a copy of your personal data.

  • Right to Rectification: You can ask us to correct incomplete or inaccurate data.

  • Right to Erasure: You may request that we delete your data in certain circumstances.

  • Right to Restriction: You can request that we limit how we process your data.

  • Right to Data Portability: You may request your data in a machine-readable format.

  • Right to Object: You can object to processing for direct marketing purposes or legitimate interests.

  • Right to Withdraw Consent: You may withdraw your consent to data processing at any time.

To exercise your rights, please contact us at bespokeaesthetics@outlook.com.

9. Data Security

We prioritize the security of your personal data and implement technical and organizational measures to protect it from unauthorized access, disclosure, or loss.

10. Third-Party Data Sharing

We may share your data with trusted third parties, such as:

  • Service Providers: For payment processing, hosting, and marketing.

  • Legal Authorities: If required by law or to enforce our legal rights.

All third-party providers are vetted to ensure compliance with GDPR.

11. International Transfers

If your data is transferred outside the UK or European Economic Area (EEA), we ensure appropriate safeguards are in place to protect it under GDPR standards.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Any updates will be posted on our website, and significant changes may be communicated via email.

13. Contact Us

If you have any questions or concerns about this policy, please contact us at:

Bespoke Aesthetics
bespokeaesthetics@outlook.com

Alternatively, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).