Paloma Privacy
PRIVACY POLICY
At Paloma Aesthetics, we are committed to protecting your privacy and ensuring that your personal data is handled securely and responsibly. This Privacy Policy outlines how we collect, use, disclose, and protect your information in compliance with the General Data Protection Regulation (GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR) 2003.
By accessing our website or using our services, you agree to the terms of this Privacy Policy.
1. Information We Collect
We collect and process various types of personal data to provide aesthetic medical services effectively. This includes:
1.1 Personal Information
Name, age, gender
Contact information: email address, phone number, and physical address
Health information: medical history, current health conditions, treatment details
Payment information: billing details, insurance information (Note: We do not store your card details.)
Identification details: Driving license, passport details, etc.
1.2 Sensitive Personal Data (Special Category Data)
The following sensitive data is handled with extra care:
Medical history and records
Physiological, mental health conditions
Consents for treatments and any health-related information
2. How We Use Your Information
We use your personal and sensitive data for the following purposes:
Medical and Cosmetic Services: To provide aesthetic treatments, consultations, consents, and before/after photos.
Communication: To contact you regarding appointments, treatments, or follow-ups.
Billing and Payments: To process payments and insurance claims.
Improving Services: To enhance the quality of our services based on feedback.
Legal and Compliance: To meet our legal and regulatory obligations.
3. Sharing of Information
We will not sell, lease, or share your personal information with third parties except in the following circumstances:
With Your Consent: Information will only be shared with third parties when you give explicit consent.
Medical Services: Information may be shared with healthcare providers or specialists for treatment purposes.
Legal Requirements: We may disclose your information if required by law (e.g., court orders or regulatory obligations).
Insurance Providers: Data may be shared with insurance providers for claims processing and verification.
4. Data Security
We are committed to ensuring the security of your personal data. We implement appropriate physical, electronic, and managerial safeguards to prevent unauthorized access, disclosure, alteration, or destruction of your data, including:
- Encryption of sensitive information
- Firewalls and secure access controls
- Regular security audits and risk assessments
5. Cookies and Tracking Technologies
Our website uses cookies and similar tracking technologies to enhance user experience. Cookies are small files stored on your device to help us recognize you and tailor our services to your preferences. You can manage cookie preferences in your browser settings.
Use of Cookies
Cookies allow us to analyse website traffic and improve your experience by tailoring content to your needs. You can choose to accept or decline cookies but declining them may limit your ability to use certain features of the website.
6. Retention of Data
We retain personal and sensitive data for as long as necessary for medical, legal, or regulatory purposes:
Medical records, images, and treatment data will be retained for 10 years from the date of your last treatment, in line with insurance requirements.
Financial and accounting records will be retained for 6 years, as per tax regulations.
Data related to unsuccessful job applicants will be stored for up to one year.
Employee data will be kept for 7 years following departure.
Email data for newsletter opt-outs will be retained indefinitely for compliance purposes.
After the retention period, your data will be securely destroyed or anonymized.
7. Your Rights
You have the following rights concerning your personal data:
Right of Access: You can request a copy of the data we hold about you.
Right to Rectification: You can request corrections to any inaccurate or incomplete data.
Right to Erasure ("Right to be Forgotten"): You can request deletion of your data under certain circumstances.
Right to Restriction of Processing: You can request that we limit the processing of your data.
Right to Data Portability: You can request that your data be transferred to another organization.
Right to Object: You have the right to object to certain types of data processing, including direct marketing.
Right to Object to Automated Processing: You have the right to not be subject to decisions based solely on automated processing or profiling.
Right to Complain: If we refuse your request under these rights, we will provide a reason. You have the right to complain to the Information Commissioner’s Office (ICO).
8. Third-Party Links
Our website may contain links to external websites. Paloma Aesthetics is not responsible for the privacy practices of these third-party sites. We encourage you to review the privacy policies of any external sites before providing personal information.
9. Changes to This Privacy Policy
Paloma Aesthetics reserves the right to modify or update this Privacy Policy at any time. Significant changes will be communicated via our website. We recommend reviewing this policy periodically to stay informed of any updates.
10. Complaints
If you believe we have not complied with our privacy obligations, you may file a complaint with the Information Commissioner’s Office (ICO). However, we encourage you to contact us first to resolve the issue.
Complaints Officer:
Dr. T. Sundaresan
Phone: +44-7966152583
Email: thiru@palomaaesthetics.com
11. Contact Us
For any questions or concerns regarding this Privacy Policy, please contact us:
Paloma Aesthetics
Dr. T. Sundaresan
Phone: +44-7966152583
Email: thiru@palomaaesthetics.com