At Rebecca Mackay Aesthetics, we are committed to protecting your personal data and respecting your privacy. This policy explains what information we collect, how we use it, and your rights in relation to your data.

1. Who We Are

Rebecca Mackay Aesthetics provides aesthetic and clinical services. We act as the “data controller” for the personal information you share with us.

Contact details:

• Email: rebeccamackayaesthetics@gmail.com
• Phone: 01206 670304
• Address: Evolve Business Park, 23 Mayfly Way, Ardleigh, C07 7WX

2. Information We Collect

We may collect and process the following information about you:

• Personal details: name, date of birth, gender, contact information.
• Medical information: medical history, current medications, allergies, treatment notes, before/after photos.
• Payment details: billing address, payment information (processed securely).
• Website usage data: cookies, IP address, and browsing information for site improvements.

3. How We Use Your Information

We use your information to:

• Provide safe and effective treatments.
• Maintain accurate medical and treatment records.
• Process payments and manage appointments.
• Communicate with you regarding your care, bookings, or enquiries.
• Send relevant updates, offers, or newsletters (only if you have opted in).
• Comply with legal or regulatory obligations.

4. Legal Basis for Processing

We process your data on the following bases:

• Consent – when you agree to us storing/using your data (e.g. marketing).
• Contract – when it is necessary to deliver our services to you.
• Legal obligation – where we must retain records for medical, tax, or regulatory purposes.
• Legitimate interests – to improve our services and maintain clinic operations.

5. Sharing Your Data

We will never sell your personal data. We may share it only with:

• Licensed healthcare professionals directly involved in your care.
• Payment processors (for billing).
• IT and software providers who support our systems (under strict confidentiality agreements).
• Regulators or insurers where legally required.

6. Data Storage & Security

• Your records are stored securely in compliance with GDPR and UK data protection law.
• We use secure, encrypted systems to protect your information.
• Records are retained for the period required by medical and legal regulations, after which they are securely destroyed.

7. Your Rights

You have the right to:

• Access the personal data we hold about you.
• Request corrections to inaccurate data.
• Request deletion of your data (where legally possible).
• Restrict or object to certain processing.
• Withdraw consent at any time (for marketing or communications).

To exercise these rights, please contact us at [Insert Email].

8. Cookies

Our website uses cookies to improve user experience. You can control or disable cookies in your browser settings.

9. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on our website with an updated “last revised” date.

10. Contact Us

If you have any questions or concerns about this policy or how we handle your data, please contact:
Rebecca Mackay Aesthetics
Email: rebeccamackayaesthetics@gmail.com
Phone: 01206 670304

If you remain dissatisfied, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.