Privacy Policy

Privacy Policy
Effective from 2 May 2025

Beverley Laser Studio ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Beverley Laser Studio

95 Watts Road

Beverley

East Riding of Yorkshire

HU17 9DZ

07792 010094

beverleylaserstudio@gmail.com


Data Controller: Joanne McDonnell

2. What Information We Collect

We may collect and process the following personal data:

  • Identity Data – name, date of birth, gender.

  • Contact Data – address, email address, telephone number.

  • Medical & Health Data – skin type, medical history, treatment notes (only with explicit consent).

  • Financial Data – payment details (e.g., for deposits or treatments).

  • Marketing & Communication Data – preferences for receiving marketing from us.

We do not collect any special categories of personal data without your explicit consent.

3. How We Collect Your Information

We collect personal data through:

  • Online booking forms

  • In-person consultations

  • Website contact forms

  • Email or phone communications

  • Customer surveys or promotions

4. Why We Use Your Data

We process your data for the following purposes:

  • To provide and manage your appointments and treatments

  • To communicate with you about bookings or enquiries

  • To maintain treatment records for your safety and our legal obligations

  • To take payments and issue receipts

  • To send occasional promotional materials (with your consent)

  • To comply with UK legal or regulatory obligations

5. Lawful Basis for Processing

We rely on one or more of the following lawful bases:

  • Consent – where you have given clear permission for us to process your personal data.

  • Contract – where processing is necessary for a treatment or service you’ve requested.

  • Legal Obligation – where we are required to comply with laws or regulations.

  • Legitimate Interests – where processing is necessary for our business operations and does not override your rights.

6. How We Store Your Data

Your information is stored securely using encrypted systems and password-protected files. Where physical records exist (e.g., consultation forms), these are stored in locked cabinets accessible only to authorised staff.

We retain your data only for as long as necessary for the purposes described above, and in accordance with legal and regulatory requirements. Medical and treatment records may be kept for up to 7 years in line with UK health and safety guidelines.

7. Sharing Your Information

We do not sell or rent your personal data. We may share it with:

  • Service providers (e.g., secure online booking/payment platforms)

  • Regulatory or legal authorities when required by law

Any third parties are contractually obligated to keep your data secure and only use it for specified purposes.

8. Your Data Protection Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you

  • Request correction of inaccurate data

  • Request erasure ("the right to be forgotten")

  • Object to or restrict processing

  • Withdraw consent at any time

  • Data portability (in certain circumstances)

  • Lodge a complaint with the Information Commissioner's Office (ICO)

To exercise any of these rights, please contact us using the details above.

9. Cookies and Website Analytics

Our website may use cookies to improve functionality and user experience. You will be prompted to accept or reject non-essential cookies on your first visit.

We may also collect anonymised data for analytics purposes, such as website traffic and user interaction (e.g., via Google Analytics).

10. Updates to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page and, where appropriate, notified to you by email.

Last updated: 2 May 2025