Privacy Policy
Dr Sara Aesthetics is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website or engage with our non-surgical aesthetic services.
We comply with the General Data Protection Regulation (GDPR) (EU) 2016/679, which governs the processing of personal data of individuals within the European Economic Area (EEA). By using our website or services, you agree to the terms outlined in this Privacy Policy.
-
We collect and process the following types of personal data:
1.1 Personal Information You Provide to Us
Full name
Contact details (email, phone number, address)
Date of birth
Medical history relevant to your treatment
Payment details (for appointment bookings and transactions)
Any other personal information provided via forms, consultations, or inquiries
1.2 Automatically Collected Information
When you visit our website, we may collect:
IP address
Browser type and version
Device information
Pages visited and browsing behavior
Cookies and tracking technologies (see Section 6 for details)
1.3 Information from Third Parties
We may receive information from:
Payment processors for billing purposes
Marketing and advertising platforms (if you have consented to marketing communications)
-
Under Article 6 of the GDPR, we process personal data based on the following lawful grounds:
Consent – When you provide explicit consent for marketing communications or appointment reminders.
Contractual Necessity – To provide aesthetic treatments and process payments.
Legal Obligation – To comply with legal, tax, and regulatory requirements.
Legitimate Interests – For security, fraud prevention, and improving our services (while balancing your privacy rights).
-
We use your personal information to:
Provide and manage your treatments and appointments
Process payments and issue invoices
Respond to inquiries and customer service requests
Send appointment reminders and follow-up communications
Improve our website and services through analytics and feedback
Comply with legal and regulatory obligations
-
We do not sell, rent, or trade your personal data. However, we may share it with:
Service Providers – Payment processors, IT support, booking systems, email marketing platforms, and website hosting services.
Legal Authorities – When required by law or to protect our rights and customers.
Business Transfers – If we undergo a merger, acquisition, or sale of assets.
All third parties we work with are GDPR-compliant and required to protect your data in accordance with the law.
-
As a data subject under GDPR, you have the following rights regarding your personal data:
Right to Access – Request a copy of the personal data we hold about you.
Right to Rectification – Correct inaccurate or incomplete data.
Right to Erasure ("Right to Be Forgotten") – Request deletion of your data when it is no longer needed.
Right to Restrict Processing – Limit how we use your data under certain conditions.
Right to Data Portability – Obtain a copy of your data in a structured, commonly used format.
Right to Object – Object to data processing based on legitimate interests or direct marketing.
Right to Withdraw Consent – Withdraw consent for marketing at any time.
To exercise these rights, please contact us at info@drsara-aesthetics.com. We will respond to your request within one month as required by GDPR.
-
We use cookies and similar technologies to enhance your experience. These may include:
Essential Cookies – Necessary for website functionality.
Analytical Cookies – Help us understand how users interact with our website.
Marketing Cookies – Used for personalized ads and promotions.
You can manage your cookie preferences via your browser settings or opt out of non-essential cookies.
-
We implement industry-standard security measures to protect your personal data from unauthorized access, loss, or misuse. However, no online system is entirely secure, and we encourage you to take precautions with your personal information.
-
We retain your personal data only for as long as necessary:
Medical and treatment records: Up to 7 years (as required by healthcare regulations).
Marketing preferences: Until you withdraw consent.
Payment and transaction records: Up to 6 years (for tax compliance).
After this period, data is securely deleted or anonymized.
-
Our website may contain links to external websites including social media platforms. We are not responsible for their privacy practices and encourage you to review their policies before providing any personal data.
-
If we transfer personal data outside the European Economic Area (EEA), we ensure it is protected through:
Standard Contractual Clauses (SCCs) approved by the European Commission.
Transfers to countries with adequate data protection laws.
Other legally recognized mechanisms.
-
We may update this Privacy Policy periodically to reflect legal or business changes. Any updates will be posted on this page with the latest effective date.
If you have any questions about this Privacy Policy or your rights, please contact us at info@drsara-aesthetics.com. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office – the supervisory authority that handles data protection law in the UK.