Privacy policy.
Effective Date: 12th February 2025
Guise and Dolls Medispa Ltd ("we," "our," or "us") respects your privacy and is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Privacy Policy explains how we collect, use, and protect your personal data when you interact with us.
1. Information We Collect
We may collect and process the following types of personal data:
Personal Information:
Name, address, email address, phone number, date of birth, and any medical information relevant to your treatments.
Payment Information:
Billing and payment details necessary to process transactions.
Technical Information:
IP address, browser type, operating system, and other details collected via cookies when you use our website.
Communication Data:
Information shared via emails, phone calls, contact forms, or social media.
2. Lawful Basis for Processing Personal Data
Under the UK GDPR, we process your personal data based on the following lawful bases:
Consent: For sending promotional materials or newsletters.
Contractual Necessity: To provide treatments, manage bookings, and process payments.
Legal Obligation: To comply with medical, tax, or legal requirements.
Legitimate Interest: To improve our services and ensure the security of our website.
3. How We Use Your Information
We use your data for the following purposes:
To provide and manage your treatments and services.
To schedule and confirm your appointments.
To comply with legal or regulatory requirements (e.g., medical record-keeping).
To process payments securely.
To send appointment reminders or marketing communications (only where you have provided consent).
To monitor and improve our website and services.
4. Sharing Your Information
We only share your personal data in the following circumstances:
Service Providers: With trusted third-party providers such as payment processors and booking platforms.
Legal Obligations: If required by law, such as to comply with a court order or regulatory obligation.
Consent: With your explicit consent for any other data sharing.
We ensure all third parties adhere to strict confidentiality and data protection standards.
5. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy or to comply with legal requirements. Medical and treatment records will be retained in line with regulatory obligations.
6. Your Rights
Under the UK GDPR, you have the following rights:
Access: Request a copy of your personal data.
Rectification: Correct inaccurate or incomplete data.
Erasure: Request deletion of your data where it is no longer necessary.
Restriction: Request that we limit the processing of your data.
Portability: Obtain your data in a structured, machine-readable format.
Objection: Object to processing based on legitimate interests or direct marketing.
Withdraw Consent: Withdraw consent for data processing at any time.
To exercise your rights, please contact us at [Insert Contact Email].
7. Security of Your Data
We take appropriate technical and organisational measures to safeguard your personal data from unauthorised access, alteration, disclosure, or destruction.
8. Cookies and Website Tracking
Our website uses cookies to enhance user experience and collect analytics. For more details, please refer to our Cookies Policy.
9. Contact Us
If you have any questions or concerns about this Privacy Policy or how we handle your data, please contact us:
Guise and Dolls Medispa Ltd
76 Otley Road, Guiseley, Leeds, LS20 8BH
01943 884 782
guiseanddollsmedispa@gmail.com
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe we have not handled your data in accordance with the law. Visit www.ico.org.uk for more details.
10. Updates to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on our website, and, where appropriate, we will notify you via email.
Last Updated: 14th February 2025