top of page

Privacy Policy

sandy beach image
waves and sand image

THE COTTAGE CLINIC

 

Website privacy policy

 

This website is operated by THE COTTAGE CLINIC. The privacy of our users is extremely important to us and therefore we encourage all users to read this policy very carefully because it contains important information regarding:

 

  • who we are;

  • how and why we collect, store, use and share personal information; 

  • your rights in relation to your personal information; and

  • how to contact us and supervisory authorities in the event that you have a complaint.

 

Who we are

 

THE COTTAGE CLINIC ('we', 'us', 'our') collect, use and are responsible for storing certain personal information about you (you', 'your', 'yours').

 

The personal information we collect and use

 

Personal information is information which you can be identified from (and does not include any anonymised forms of information).

 

  1. Types of personal information

 

We may process the following types of personal information in relation to you:

 

Name, address, date of birth, mobile number, email address and next of kin.

 

2. Types of sensitive information

         

We may also process the following types of sensitive information in relation to you:

 

medical history, gender

 

How your personal information is collected

 

This section describes how the above types of personal information are collected by us. Your personal information will be collected as follows:

 

 1. Personal information obtained from you directly

 

We will sometimes obtain information from you directly, including when you:

 

When booking services or appointments

When subscribing to marketing emails

 

         2. Personal information obtained by use of cookies or other automated means

 

We will sometimes obtain information via automated technology. This shall be by use of cookies and other similar technology. A cookie is a small text file which is placed onto your computer or electronic device when you access our website. Similar technologies include web beacons, action tags, local shared objects ('flash cookies') and single-pixel gifs. Such technologies can be used to track users' actions and activities, and to store information about them. Usually this will be in order to monitor and obtain information regarding:

 

website visits and ease of use when revisiting, Functionality of checkout

 

On the first occasion that you use our site we will ask whether you consent to our use of cookies and/or other similar processing technologies. If you do not consent, such technologies will not be used. Thereafter you can opt-out of using cookies at any time or you can set your browser not to accept cookies. However, some of our website features may not function as a result.

 

For further information on our use of cookies and other similar technologies, please see our policy document as described below.

 

3. Changes to the way in which we collect your personal information

 

In the event that we need to obtain personal information in relation to you from any other source than those described above, we shall notify you of this.

 

How we use your personal information

 

1. General purposes

 

In general, your personal information will generally be processed for the following purposes:

to allow the provision of treatments and services specific to you.

 

Any sensitive information in relation to you will generally be processed for the following purposes:

the individual has given explicit consent; or

it is necessary to protect vital interests of a person (i.e to preserve life)

 

2. Use of your information for marketing purposes

 

 We have described above that one of the general purposes for which your data shall be processed is for        our marketing purposes.

 

         We wish to make you aware that you have the right to object or to opt-out of any direct marketing by:

 

unsubscribing using the link at the bottom of any marketing emails or within your my account section and updating your marketing preferences.

 

Lawful basis for processing of your personal information

 

We have described above the purposes for which we may process your personal information. These purposes will at all times be justified by UK data protection law.

 

1. General lawful bases

 

The lawful basis upon which we are able to process your personal data are:

 

  1. where we have your consent to use your data for a specific purpose;
     

  2. where it is necessary to enter into a legal contract with you or to perform obligations under a legal contract with you;
     

  3. where it is necessary to enable us to comply with a legal obligation;
     

  4. where it is necessary to ensure our own legitimate interests or the legitimate interests of a third party (provided that your own interests and rights do not override those interests). Wherever we rely upon this basis, details of the legitimate interests concerned shall be provided to you;
     

  5. where we need to protect your own vital interests (or the vital interests of another person); and/or
     

  6. where it is needed in the public interest (or where we are acting in our official functions), provided that the task or function has a clear basis in law.

 

In general, in order to meet the purposes we have described above, we will process your personal information where it is necessary to comply with legal obligations which we are required to adhere to.

 

 

2. Lawful bases applicable to sensitive information

 

We have explained above that we may process sensitive personal information in relation to you. We have defined above the general purposes for which we process your personal sensitive information. These purposes are justified by lawful conditions. There are however additional conditions which apply to sensitive personal information.

 

We will therefore only process your sensitive personal information for any or a combination of the following additional lawful reasons, which are:

​

  1. where you have provided us with explicit consent;
     

  2. where it is necessary for employment, social security and social protection (and it is properly authorised by law);
     

  3. where it is necessary for your vital interests or the interests of another person;
     

  4. where the processing is carried out in the course of legitimate activities under a foundation, association or non-for-profit body with a political, philosophical, religious or trade union aim;
     

  5. where the information is made publicly available by you;
     

  6. where the processing is necessary for defending or establishing legal claims or court proceedings;
     

  7. where the processing is necessary for substantial public interest;
     

  8. where the information is necessary for medical or social care reasons;
     

  9. where the information is necessary for reasons of public interests or in the area of public health; and/or
     

10. where the information is necessary for scientific research, statistical purposes, historical research or archiving purposes in public interest.

 

In general, in order to meet the purposes we have described, we will usually process your sensitive information where:

 

this is necessary for medical and social care reasons.

 

3. Lawful bases specifically applicable to marketing

 

We will only ever use your personal information to send you marketing directly where we have your explicit consent (which will be obtained in a format separately to this policy).

 

 

Sharing of your personal information

 

On any occasion where any of your personal information is shared with any third party, we shall only permit them to process such information for our required purposes, under our specific instruction, and not for their own purposes.

 

We are required to enter into a formal legal agreement to enable such sharing to take place.

In order to meet the purposes we have described above, we may on some occasions need to share your personal information with other third parties. Those third parties will be:

 

Where a prescription product is required for your treatment, with consent personal information will be provided to the private prescriber for the purpose of checking suitability & medical history.

 

 

Necessity of information

 

Where information is requested from you and you do not provide this:

Failure to disclose requested personal data when registering or being consulted could result in your treatment being cancelled or personal injury.

 

No liability in any form will be taken for information not freely given when requested, your consent (either signed digitally or in person) is confirmation of this.

 

We will inform you at the point of collecting information from you, whether you are required to provide the information to us.

 

 

How long your personal information will be kept

 

Your personal information will only be kept for the period of time which is necessary for us to fulfil the above purposes.

 

We envisage that your personal information shall be retained by us for the following:

 

Under the General Data Protection Regulation, we will only hold personal identifiable data for the maximum retention periods:

 

Aesthetic Records - 7 years following last appointment

Marketing Enquiries and Emails - 6 months

CCTV footage - 4 weeks

 

After the period described above, your information shall be properly deleted or anonymised.

 

Keeping your information secure

 

We will ensure the proper safety and security of your personal information and have measures in place to do so. We will also use technological and organisation measures to keep your information secure. These measures are as follows:

 

User account access is controlled via username and password.

All data is stored on secure servers or secured filing systems. 

 

We have proper procedures in place to deal with any data security breach, which shall be reported and dealt with in accordance with data protection laws and regulations. You shall also be notified of any suspected data breach concerning your personal information.

​

Children

 

Our website is not intended for children (anybody under the age of 18). We do not intend to collect data from children.

​

Your rights

 

Under the UK General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:

  1. fair processing of information and transparency over how we use your use personal information;
     

  2. access to your personal information and to certain other supplementary information that this Privacy Statement is already designed to address;
     

  3. require us to correct any mistakes in your information which we hold;
     

  4. require the erasure of personal information concerning you in certain situations;
     

  5. receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit this information to a third party in certain situations;
     

  6. object at any time to processing of personal information concerning you for direct marketing;
     

  7. object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;
     

  8. object in certain other situations to our continued processing of your personal information, or ask us to suspend the processing procedure in order for you confirm its assurance or our reasoning for processing it;
     

  9. object to processing our your personal information where we are doing so in reliance upon a legitimate interest of our own or of a third party and where you wish to raise to an objection to this particular ground;
     

10. otherwise restrict our processing of your personal information in certain circumstances;

11. claim compensation for damages caused by our breach of any data protection laws; and/or

 

12. in any circumstance where we rely upon your consent for processing personal information, you may withdraw this consent at any time.
 

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner's Office (ICO) on your rights under the General Data Protection Regulations.

 

If you would like to exercise any of these rights please contact STEVEN OAKDEN-HOWELL or LISA LEWIS in the following manner:

 

Emailing the clinic on bookings@thecottageclinic.co.uk and making your request.

 

Changes to the privacy policy.

 

This privacy policy was published on 1st February 2024 and last updated on 1st February 2024.

 

We may change this privacy policy from time to time and will notify you of any changes by:

 

By notice of a blog update on the website

​

Contacting us

The relevant person to contact regarding your personal information is: STEVEN OAKDEN-HOWELL or LISA LEWIS.

Any requests or questions regarding the use of your personal information should be made to the above named person using the following method:

 

         Emailing the clinic on bookings@thecottageclinic.co.uk and making your request.

 

Sources of further Information

 

This policy provides key information to you regarding the processed of your information. For certain areas of our information processing, we have further comprehensive details contained in other documentation. This information can be located as follows:

 

  • Our policy regarding the use of cookies and other similar technologies entitled COOKIE POLICY can be located at:

thecottageclinic.co.uk/terms-and-conditions

 

  • Our policy regarding the use of your sensitive data entitled SENSITIVE DATA can be located at:

 thecottageclinic.co.uk/terms-and-conditions

Let’s Work Together

500 Terry Francine Street 

San Francisco, CA 94158

E-Mail: info@mysite.com

Tel: 123-456-7890

  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Thanks for submitting!

bottom of page