GDPR – Privacy Policy

Biotech Aesthetics Ltd a company registered in England and Wales whose registered office is at 71-75 Shelton Street, London, Greater London, United Kingdom, WC2H 9JQ (we and us”) are committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you use our website at www.surreymedicalaesthetics.co.uk (Website) and (Platform) (regardless of where you visit them from) and tell you about your privacy rights and how the law protects you.

If you need to contact us in relation to this Privacy Policy, please do so at admin@surreymedicalaesthetics.co.uk

1. PURPOSE OF THIS PRIVACY POLICY

This privacy policy is in line with the Data Protection Act 2018 and the General Data Protection Regulation 2018 and aims to give you information on how we collect and process your personal data through your use of this Platform, including any data you may provide through this Platform.

These Platform are not intended for children and we do not knowingly collect data relating to children.

This privacy policy will inform you how you can verify which of your personal information is collected by us through the Platform and how you can request that we delete, update or transfer it.

It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and privacy policies and is not intended to override them.

2. THE DATA WE COLLECT ABOUT YOU

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data may include first name, last name, title
  • Contact Data may include email address and telephone numbers.
  • Financial Data may include debit or credit card details, sort code and account number
  • Transaction Data includes details about payments to and from you and other details of Platform you have requested through our website.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this Platform.
  • Usage Data includes information about how you use our Platform, products and Platform.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

3. IF YOU FAIL TO PROVIDE PERSONAL DATA

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or Platform). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

4. HOW IS YOUR PERSONAL DATA COLLECTED?

We use different methods to collect data from and about you including through:

    • Direct interactions. You may give us your data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
      • Use our Platform;
      • Request marketing to be sent to you; or
      • Give us feedback or contact us.
    • Automated technologies or interactions. As you interact with our Platform, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. Please see our cookie policy for further details.
    • Third parties or publicly available sources. We will receive personal data about you from various third parties and public sources as set out below:
      • Technical Data from analytics providers
      • Contact and Transaction Data from providers of technical, payment and delivery Platform.
      • Identity and Contact Data from data brokers or aggregators
      • Identity and Contact Data from publicly available sources

5. HOW WE USE YOUR PERSONAL DATA

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

      • Where we need to perform the Platform for you.
      • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
      • Where we need to comply with a legal obligation.

Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.

6. USE OF COOKIES

Our Platform may use cookies, pixels, beacons, log files and other technologies. You can manage and delete cookies in your browser but you should be aware that this may interfere with the way you use our Website Read more about this is our Cookie Policy.

7. HOW LONG WILL YOU USE MY PERSONAL DATA FOR?

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

8. OPTING OUT

You can ask us or third parties to stop sending you marketing messages at any time by logging into the website and checking or unchecking relevant boxes to adjust your marketing preferences or by following the opt-out links on any marketing message sent to you or by contacting us at any time.

Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.

9. THIRD PARTY LINKS AND PLATFORM

It is likely that the Platform will contain links to third party websites and Platform. Please remember that when you use a link to go from our Platform to another website or you request a service from a third party, this privacy policy no longer applies.

Your browsing and interaction on any other website, or your dealings with any other third-party service provider, is subject to that website’s or third party service provider’s own rules and policies.

We do not monitor, control, or endorse the privacy practices of any third parties.

We encourage you to become familiar with the privacy practices of every website you visit or third party service provider that you deal with and to contact them if you have any questions about their respective privacy policies and practices.

This privacy policy applies solely to personal information collected by us through our Platform and functionality and does not apply to these third party websites and third party service providers.

10. SECURITY OF YOUR PERSONAL INFORMATION

We are committed to keeping the personal information you provide us secure and we will take reasonable precautions to protect your personal information from loss, misuse or alteration.

We have implemented information security policies, rules and technical measures to protect the personal information that we have under our control from:

      • unauthorised access;
      • improper use or disclosure;
      • unauthorised modification; and
      • unlawful destruction or accidental loss.

All our employees and data processors (i.e. those who process your personal information on our behalf, for the purposes listed above), who have access to, and are associated with the processing of personal information, are obliged to respect the confidentiality of the personal information of all users of the Site.

11. CHANGE TO THIS PRIVACY POLICY

We may make changes to this privacy policy from time to time.

To ensure that you are always aware of how we use your personal information we will update this privacy policy from time to time to reflect any changes to our use of your personal information. We may also make changes as required to comply with changes in applicable law or regulatory requirements. We may notify you by e-mail of any significant changes. However, we encourage you to review this privacy policy periodically to be informed of how we use your personal information.

Scroll to Top