Introduction

At Medcura Clinic, we are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and store your personal information when you interact with us, whether through our website, booking services, or when purchasing skincare products. We comply with all relevant data protection laws, including the UK GDPR and the Data Protection Act 2018.

By using our services or accessing our website, you agree to the practices outlined in this policy.

1. Information We Collect

We collect personal information that you provide directly to us, as well as information collected automatically through your use of our website.

Information You Provide:

• Personal Details: Name, email address, phone number, address, and date of birth when you book a treatment or create an account.
• Payment Information: Billing address and payment card details when you make a purchase or pay for treatments.
• Medical Information: Certain treatments may require you to provide health-related information (e.g., allergies or skin conditions) to ensure safety.
• Communication: Any information you provide when you contact us (via email, phone, or other means) or when signing up for newsletters.

Information We Collect Automatically:

• Technical Information: IP address, browser type, operating system, and other technology used to access our site.
• Usage Data: Information about how you interact with our website, such as pages viewed, links clicked, and time spent on the site.
• Cookies: We use cookies to enhance your browsing experience. For more details, see our Cookies Policy.

2. How We Use Your Information

We use the information we collect in the following ways:

• To Provide Services: Processing your treatment bookings and product orders, and communicating with you regarding appointments or purchases.
• For Customer Support: Responding to your inquiries, complaints, or requests.
• Marketing and Communication: Sending promotional emails, newsletters, or special offers (only with your explicit consent).
• Personalisation: Customising your experience on our website by remembering preferences.
• Legal Compliance: To meet our legal obligations under UK law and in response to lawful requests by public authorities.

3. Legal Basis for Processing

We will only process your personal data where we have a lawful basis to do so under the GDPR, including:

• Consent: Where you have given us explicit permission (e.g., for marketing communications).
• Contractual Necessity: To fulfil our contractual obligations to you (e.g., booking treatments or purchasing products).
• Legal Obligation: To comply with our legal duties (e.g., tax or medical regulations).
• Legitimate Interests: To manage and improve our business (e.g., for analytics or preventing fraud), provided these interests are not overridden by your rights.

4. How We Share Your Information

We do not sell or rent your personal data to third parties. However, we may share your information with the following:

• Service Providers: Third-party companies that assist in providing services to you, such as payment processing, email delivery, or website hosting. They will only process your data in accordance with our instructions.
• Legal Authorities: If required to comply with legal obligations or to protect the rights, property, or safety of Vanity Clinic or others.

Any third-party service providers we use will be contractually bound to protect your data and only use it for the purposes specified by Vanity Clinic.

5. Data Retention

We retain your personal data only as long as necessary to fulfil the purposes we collected it for, including legal, accounting, or reporting requirements. For example:

• Medical Records: Kept for a minimum of 10 years in line with legal obligations.
• Transactional Data: Retained for at least 6 years for tax and financial reporting.

When your personal data is no longer needed, it will be securely deleted or anonymised.

6. Your Data Rights

As a UK resident, you have the following rights under data protection laws:

• Right to Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You can ask us to correct any inaccurate or incomplete information.
• Right to Erasure: You can request the deletion of your personal data under certain circumstances (e.g., if it is no longer needed).
• Right to Restrict Processing: You can request we limit how we use your personal data in certain situations.
• Right to Data Portability: You can request that we transfer your personal data to another organisation, where feasible.
• Right to Object: You have the right to object to the processing of your data for direct marketing purposes.
• Right to Withdraw Consent: If we rely on your consent to process your data, you can withdraw it at any time.

To exercise any of these rights, please contact us at info@medcura.co.uk.

7. Data Security

We take the security of your personal data seriously and have implemented appropriate technical and organisational measures to prevent unauthorised access, loss, or misuse of your data. This includes encryption, secure servers, and regular security assessments.

However, please note that no method of transmission over the internet is completely secure, and we cannot guarantee the absolute security of your data.

8. International Transfers

Where we transfer your personal data outside the UK or European Economic Area (EEA), we will ensure appropriate safeguards are in place to protect your data, in compliance with data protection laws.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page, and where appropriate, we will notify you via email or other means.

10. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at:

Medcura Clinic

Email: info@medcura.co.uk. Phone: +44 758 607 7079

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data has been mishandled. For more information, visit www.ico.org.uk.