Privacy Policy
Forever Young Medical Aesthetics
This policy relates to the processing of personal data as undertaken by Epsom Skin Clinics, the trading name of the company:
Forever Young Medical Aesthetics Ltd Registered No: 05277050
Registered address at:
Nightingale House
46-48 East Street
Epsom
KT17 1HQ
We collect certain information or data about you when you use our services and related media links.
What information is collected?
Details to allow us to communicate with you, for example:
- Your full address
- Your email address
- Telephone numbers including mobile number
- Your full medical history including DOB
This allows us to:
- Communicate effectively with you confirming and reminding you of appointments with us
- Provide you with information on other products and services via email & text if you choose to receive such information
- Communicate with other medical providers related to the services you receive from us; this will include histology & blood testing
All data processing undertaken by Epsom Skin Clinics is carried out on a lawful basis as per the General Data Protection Regulation, Article 6(1).
Where is your data stored and is it secure?
We use Private Practice Software (PPS) to store your data on a hosted database and this means that your data is held in state-of-the-art secure UK data centres managed by iomart, one of the UK’s leading data centre providers. Our supplier is ISO 27001 certified and employs an array of methods to ensure that your data is kept safe, secure and accessible including:
- An enterprise-class firewall system that prevents unauthorised access to the servers and data.
- Redundant hardware ensures that failure of a component piece of hardware does not cause loss of access to systems or loss of data.
- Physical security is provided through 24/7/365 data centre staffing and with CCTV cameras, motion detectors and a secure key fob access system.
Whenever we connect to any of our cloud-based systems SSL is used to encrypt the connection, ensuring that your data remains safe and secure.
We also keep clerical records that include the following:
- Client registration form including medical history
- Personal needs assessment form
- Your treatment plan
- Consent forms for the services you have with us
- Any other correspondence related to the services you have with us
We keep our clerical data for a period of 10 years, which conforms with the guidelines from the Care Quality Commission for the management of medical records. If you do not engage with our services for a period of 3 years, you will become inactive as a client and we will arrange for your clerical data to be scanned and backed up to our hosted Google Drive, and the originals will be shredded.
Disclosing your information
In line with GDPR Article 6(1)(c) we may pass on your personal information and exchange any of your details if we have a legal obligation to do so, or if we have to enforce or apply our terms and conditions or other agreements.
Your rights
You can find out what information we hold about you, and ask us not to use any of the information we collect. All enquiries should be made in writing to:
The Compliance Officer
Epsom Skin Clinics
11 Depot Road
Epsom
Surrey
KT17 4RJ
Links to other websites
www.epsomskinclinics.com may contain links to and from other websites. This privacy policy only applies to this website, and doesn’t cover other sites with services and transactions that we link to.
Finance
If you choose to make a purchase from us using a loan, we will share your information with lenders with whom we have a relationship. We will only do this with your consent. If you decide to proceed with a loan application, we will share your information with the relevant lender for the purpose of introducing you to their loan product(s). You should refer to the lender’s privacy notice for information on how they process your data.