Privacy Policy
Privacy Policy
Your privacy and data protection are our highest priorities
Introduction
The Nightingale Wellness Clinic (operating at www.nightingalewellnessclinic.com) is a UK-based aesthetic clinic committed to protecting your privacy and personal data. This privacy policy explains who we are, what information we collect, and how we use and protect your data in line with the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
We value transparency and client trust, so we handle all personal data with care. We will never sell or rent your personal information to third parties.
Data Collected
Personal Information We Collect:
When you interact with The Nightingale Wellness Clinic, such as booking an appointment, filling out a form, or attending a consultation, we may collect the following types of personal data:
Identity Information
Your name, date of birth, and gender. This helps us identify you and make sure treatments are suitable.
Contact Information
Details such as your address, email address, and phone number, so we can get in touch with you about appointments and queries.
Health and Medical Information
Relevant health details, medical history, and treatment consent information you provide. This may include allergies, medications, or past procedures, which allows us to deliver safe skincare and aesthetic treatments tailored to you. Health data is treated as a special category of personal data, and we will only collect and use it with your explicit consent for the purposes described here.
Appointment and Transaction Details
Records of the appointments you book or attend, services or treatments you receive, and payment or purchase details. This includes consultation notes and treatment history, which we keep for continuity of care and legal record-keeping.
Website Usage Data
When you visit our website, we may collect technical data about your device and browsing actions through cookies or analytics. This can include your IP address, browser type, device details, pages viewed, and how you arrived at our site. This data helps us understand site usage and improve the user experience. It does not usually directly identify you.
We collect personal data directly from you, for example when you fill in a form or provide information during a visit, and also through our online booking system. We make sure to collect only the information relevant and necessary for the purposes described in this policy.
How Data Is Used
We use your personal data for specific, lawful reasons so that we can provide our services and operate the clinic properly. Here are the ways we use your information:
Providing Services and Treatments
We use your details and health information to plan and deliver the skincare or aesthetic treatments you request.
Appointment Management
Your contact information is used to schedule and manage bookings. We send appointment confirmations, reminders, and updates about your bookings.
Client Communication and Support
We may contact you by phone or email about your treatments, to answer your questions, or to provide support. This can also include aftercare advice or updates about changes to policies.
Health and Safety Compliance
We use your health and medical information only to ensure your safety during treatments. For example, we may ask about allergies to avoid using products that could cause a reaction.
Marketing and Promotions (With Consent)
With your consent, we may use your name and contact details to send you clinic news, special offers, or information about new treatments. You can opt out at any time.
Legal and Regulatory Compliance
We keep certain data to meet legal obligations, such as maintaining records of treatments for medical, insurance, tax, or audit purposes.
We will not use your data for any new or incompatible purpose without asking for your consent or notifying you as required. We do not carry out any automated decision-making or profiling that has legal or significant effects on you.
Data Sharing and Third Parties
The Nightingale Wellness Clinic understands how important it is to keep your information confidential. We do not share your personal data with third parties for their own marketing or business purposes. We will only share your data in the following circumstances:
Aesthetic Nurse Software (Clinic Management and Online Booking)
We use Aesthetic Nurse Software, a third-party platform, to manage appointments and client records. They act as a data processor on our behalf and only use your data following our instructions. Information such as your name, contact details, appointment records, and medical history is stored securely within Aesthetic Nurse Software.
Website and IT Service Providers
We may use trusted companies to help run our website or business, such as web hosting, email services, or IT support. These providers may incidentally access personal data while delivering their services. All such providers are bound by confidentiality and are required to comply with data protection regulations.
Payment Processors
If you make payments, your payment details may be processed by third-party payment gateways (such as card processors or banking services). We do not store full payment card details ourselves. These payment processors use your data only for the agreed purpose and must meet strict security standards.
Legal Requirements and Vital Interests
We may share your information if required by law, for example in response to a court order or to cooperate with regulatory bodies such as the Information Commissioner's Office, or to address emergencies where your health or safety is at risk.
Your Rights Under GDPR
As a client or website visitor, you have the following rights under GDPR and UK data protection law:
Access Your Data
You can request a copy of the personal information we hold about you.
Rectification
You can ask us to correct or update inaccurate or incomplete details.
Erasure (Right to be Forgotten)
You may ask us to delete your personal data in certain circumstances, such as if you no longer use our services.
Restrict Processing
You can ask us to limit how we use your data, for example while you are contesting its accuracy.
Data Portability
You may request your data in a format that allows you to move it to another provider if technically feasible.
Object to Processing
You can object to certain types of processing, such as direct marketing. If you object, we will stop using your data for that purpose.
To exercise your rights, please contact us using the details in the Contact Information section below. We may need to verify your identity before acting on your request. If you have concerns about how we handle your data, you also have the right to complain to the Information Commissioner's Office (ICO).
Data Security
We take the security of your personal data very seriously. Here are some key points:
Encryption
Our website and booking forms use SSL encryption, so any data you enter is protected in transit. Aesthetic Nurse Software also uses secure, encrypted systems for client data.
Access Controls
Only authorised staff have access to your personal data, and each has unique credentials.
Secure Storage
Digital records are stored on secure servers. Any paper records are kept in locked areas when not being used.
Routine Security
We regularly update our systems, use strong passwords, train our team on confidentiality, and monitor for suspicious activity.
While no system is 100% secure, we continually review and update our security practices to keep your information safe.
Contact Information
If you have any questions, concerns, or requests regarding this privacy policy or your personal data, please contact us:
The Nightingale Wellness Clinic (Data Controller)
364 Nacton Road
Ipswich, Suffolk IP3 9NA
07875 521186
info@nightingalewellnessclinic.co.uk
For privacy-related questions, please include "Attn: Privacy Officer" in your email subject. We treat all privacy requests seriously and aim to respond within 30 days.
If you are not satisfied with our response or believe your data has not been handled properly, you have the right to contact the Information Commissioner's Office (ICO). More information can be found at https://ico.org.uk or by calling +44 303 123 1113.
Policy Updates
We may update this privacy policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. When we make significant changes, we will notify you by posting the updated policy on our website and updating the "last updated" date. We encourage you to review this policy periodically to stay informed about how we are protecting your information.
Last Updated: January 2025