GDPR

PURPOSE OF DATA COLLECTION

We collect and process personal data to ensure we provide you with safe, effective, and personalised aesthetic and skincare treatments. This includes performing medical assessments, booking appointments, providing treatments, and meeting our legal and regulatory obligations.

TYPES OF PERSONAL DATA COLLECTED

We may collect and process the following types of personal data:

 

  • Full name, date of birth, and contact details (email, phone, address)

  • Medical history, allergies, and relevant health information

  • Photographic records (before and after treatment, with your consent)

  • Appointment and treatment details

  • Payment and billing information

  • Correspondence or communications between you and the clinic

LEGAL BASIS FOR PROCESSING

We process your personal data based on the following lawful grounds:

 

  • Consent – for use of your photos or for sending marketing communications

  • Contract – to provide agreed-upon treatments and services

  • Legal obligation – to retain medical records as required by law

  • Legitimate interests – to manage and improve our clinic services and patient experience

HOW YOUR DATA IS USED

Your data is used to:

 

  • Assess your suitability for treatments

  • Deliver safe and appropriate procedures

  • Manage bookings and aftercare

  • Comply with health and safety regulations

  • Send appointment reminders and updates

  • (With your consent) share promotional offers and newsletters

SHARING OF PERSONAL DATA

Your personal data will not be sold or shared for unrelated purposes. We may share your information:

 

  • With healthcare professionals or specialists if necessary for your care

  • With service providers (e.g., booking systems, secure data storage platforms) under strict data protection agreements

  • Where legally required (e.g., insurers, regulatory authorities)

DATA RETENTION

We retain your medical records for a minimum of 10 years from your last appointment, in line with UK healthcare regulations. Marketing-related data will be retained only while your consent is valid.

YOUR RIGHTS UNDER GDPR

You have the right to:

 

  • Access a copy of your personal data

  • Correct any inaccurate or incomplete data

  • Request deletion of your data, where applicable

  • Object to or restrict how we use your data

  • Withdraw consent at any time (e.g., unsubscribe from marketing)

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

DATA SECURITY

We take the confidentiality of your data seriously and have implemented appropriate technical and organisational measures, including:

 

  • Encrypted digital records

  • Secure data storage systems

  • Staff training in data protection best practices

CONTACT US

If you have any questions, concerns, or would like to exercise any of your rights under GDPR, please contact:

Deirdre Burns Aesthetics and Skin Clinic

Data Protection Officer: Deirdre Burns (Registered Nurse & Owner) 

Email: deirdreburnsaesthetics@enquirenow.org

Phone: 02867440308
