Website: www.sarahsavageaesthetics.co.uk

Owner/Operator: Sarah Savage Aesthetics

Sarah Savage Aesthetics (“we”, “our”, “us”) is committed to protecting your privacy and ensuring your personal data is handled in accordance with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Privacy Policy explains what information we collect, how we use it, how it is stored, and your rights in relation to your personal data when you use our website or services.

We may collect and process the following types of personal information: personal identification details such as name and date of birth, contact information such as email address, phone number and postal address, health and medical information where relevant to the aesthetic treatments you enquire about or receive, appointment and booking details, payment information (processed via third-party providers), and technical information such as IP address, browser type, device details and cookies when you browse our site.

Your personal data may be used for the following purposes: to provide and manage aesthetic treatments and consultations, to process bookings and payments, to communicate with you about your appointments, enquiries and aftercare, to comply with medical and legal obligations, to improve our website, services and client experience, and for marketing purposes with your consent.

We will not sell or rent your personal data to third parties. However, we may share your information with service providers such as booking platforms, payment processors and email providers, with medical professionals or insurers where necessary and with your consent, and with regulatory authorities if legally required.

Your data is stored securely in compliance with UK GDPR. We use appropriate technical and organisational measures to protect against unauthorised access, alteration or disclosure. Medical information is stored with enhanced confidentiality safeguards.

We will retain your personal information only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, including meeting legal, regulatory and insurance requirements. Medical treatment records may need to be kept for a minimum of [e.g., 7 years] in accordance with healthcare industry standards.

Our website uses cookies and similar technologies to enhance your browsing experience and analyse traffic. You can manage your cookie preferences via your browser settings.

Under data protection laws, you have the right to access the personal data we hold about you, request correction of inaccurate information, request deletion of your data where legally permissible, restrict or object to processing of your data, request data portability, and withdraw consent for marketing communications at any time. To exercise your rights, please contact us at the details below.

If you have any questions about this Privacy Policy or how we handle your data, please contact us.

If you are unhappy with how we handle your data, you can also lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.