Privacy Policy (Dr Rehab Aesthetics)
Effective Date: February 2026
Website: www.drrehab.co.uk
1) Who We Are
Dr Rehab Aesthetics (“We”, “Us”, “Our”) Provides Aesthetic Medicine Consultations And Treatments. We Are The Data Controller For Personal Data Collected Through Our Website And In Connection With Our Services.
Clinic Details
Name: Dr Rehab Aesthetics
Address: Beautify Spa & Wellness, 313 Preston Rd, Clayton-le-Woods, Chorley PR6 7PY
Email: drrehabaesthetics@gmail.com
Phone: +447856959823
Data Protection Contact: Dr Rehab Hamed
2) This Policy
This Privacy Policy Explains How We Collect, Use, Store, And Share Personal Data When You Visit Our Website. This Privacy Policy Also Applies When You Contact Us By Phone, Email, WhatsApp, Social Media, Or Web Forms. This Privacy Policy Also Applies When You Book Appointments, Attend Consultations, Or Receive Treatments. This Privacy Policy Also Applies When You Sign Up For Offers, Newsletters, Or Updates.
We Comply With The UK GDPR And The Data Protection Act 2018.
3) The Personal Data We Collect
Depending On How You Interact With Us, We May Collect The Following Types Of Personal Data.
A. Identity And Contact Data
Name, Date Of Birth (If Required), Address, Email, And Phone Number.
B. Appointment And Communication Data
Booking Details, Messages You Send Us, Call Notes, And Customer Support Records.
C. Consultation And Treatment Data (Health-Related Data)
Medical History And Screening Questions Including Allergies, Medications, And Previous Procedures. Treatment Plans, Records Of Treatment, Outcomes, And Follow Up Notes. Consent Forms And Adverse Event Records. Clinical Photographs Before And After If Taken As Part Of Your Care.
D. Website And Device Data
IP Address, Browser Type, Device Information, Pages Viewed, And Cookie Identifiers.
E. Payment Data
If You Pay Online Or By Card, Payments May Be Processed By A Third Party Payment Provider. We Typically Receive Confirmation Of Payment And Limited Transaction Details. We Do Not Usually Store Full Card Numbers.
4) Special Category Data (Health Information And Photos)
Health Data And Clinical Images Are Special Category Data Under UK GDPR. We Handle These With Additional Safeguards.
We Generally Use Your Health Data To Provide Safe Care. Our Lawful Basis Usually Includes Providing Healthcare Or Treatment Under UK GDPR Article 6. Our Lawful Basis Also Includes Health Or Social Care Purposes Under UK GDPR Article 9(2)(h) With Professional Confidentiality Safeguards. We May Also Rely On Your Explicit Consent Where Required, Especially For Marketing Use Of Images.
We Will Tell You What Basis Applies At The Point We Collect The Information.
5) How We Use Your Data (Purposes)
We Use Your Data To Respond To Enquiries And Provide Customer Support. We Use Your Data To Book, Manage, And Deliver Appointments And Treatments. We Use Your Data To Assess Suitability For Treatment And Ensure Your Safety. We Use Your Data To Maintain Clinical Records And Manage Follow Up Care. We Use Your Data To Take And Store Clinical Photos For Your Medical Record Where Needed. We Use Your Data To Process Payments And Issue Receipts. We Use Your Data To Improve Our Services And Website. We Use Your Data To Send Appointment Reminders And Essential Service Messages. We Use Your Data To Send Marketing Messages Only If You Have Opted In. We Use Your Data To Comply With Legal And Regulatory Obligations. We Use Your Data To Defend Legal Claims If Needed.
6) Lawful Bases For Processing
We Rely On One Or More Of The Following Lawful Bases Under UK GDPR Article 6.
We Process Data Under Contract When We Provide Services You Request Such As Bookings And Treatment. We Process Data Under Legal Obligation Where We Must Comply With Laws Or Regulations. We Process Data Under Legitimate Interests To Run And Improve Our Business While Respecting Your Rights. We Process Data Under Consent For Certain Marketing And Optional Activities Such As Newsletters And Testimonials. We Process Data Under Vital Interests In Rare Cases To Protect Someone’s Life.
For Special Category Data Under Article 9, We May Rely On Health Or Social Care Purposes With Confidentiality Safeguards. We May Also Rely On Explicit Consent, Commonly For Marketing Use Of Identifiable Images.
7) Marketing And Your Choices
If You Opt In, We May Send You Marketing By Email, SMS, WhatsApp, Or Social Messaging About Offers, New Treatments, And Updates.
You Can Opt Out At Any Time By Using The Unsubscribe Link In Emails. You Can Opt Out By Replying STOP To Messages Where Applicable. You Can Also Opt Out By Contacting Us At [Email].
We Do Not Sell Your Personal Data To Third Parties.
8) Before And After Photos, Testimonials, And Social Media
Clinical Photos For Your Medical Record May Be Taken As Part Of Your Care For Assessment, Documentation, And Monitoring. Clinical Photos Used For Your Medical Record Remain Part Of Your Confidential Record.
Photos Or Videos For Marketing On The Website Or Social Media Will Only Be Used If You Give Explicit Consent. You Can Withdraw Consent At Any Time. Withdrawal Will Not Affect Lawful Use Before Withdrawal. We Will Stop Future Use And Where Reasonably Possible Remove Content. It May Not Be Possible To Fully Remove Content Already Shared By Others Or Cached Online.
9) Who We Share Your Data With
We May Share Data With Trusted Third Parties Only When Necessary.
We May Share Data With Online Booking Or Clinic Management Systems. We May Share Data With Payment Processors. We May Share Data With Website Hosting Providers And IT Support. We May Share Data With Email, SMS, Or WhatsApp Providers For Reminders Where Used. We May Share Data With Professional Advisers Such As Accountants, Insurers, And Legal Advisers. We May Share Data With Regulators, Law Enforcement, Or Authorities Where Legally Required. We May Share Data With Laboratories Or Medical Partners Only If Relevant To Your Care, Which Is Rare In Aesthetics.
All Service Providers Are Required To Protect Your Data And Only Process It On Our Instructions Where Applicable.
10) International Transfers
Some Service Providers May Store Or Process Data Outside The UK. Where This Happens, We Use Appropriate Safeguards Such As UK GDPR Approved Transfer Mechanisms.
11) Data Security
We Use Reasonable And Appropriate Security Measures To Protect Personal Data. We Use Access Controls, Encryption Where Available, Secure Storage, And Staff Confidentiality. No System Is 100 Percent Secure, But We Work Hard To Protect Your Information.
12) How Long We Keep Your Data (Retention)
We Keep Your Data Only As Long As Necessary For The Purposes Described Above. We Also Keep Data To Meet Legal, Clinical, And Accounting Requirements.
Clinical Records And Consent Forms Are Kept For A Period Consistent With UK Healthcare Record Standards And Legal Obligations. Enquiries Without Treatment Are Usually Kept For A Shorter Period Such As [6 To 24 Months]. Financial Records Are Kept To Meet HMRC Requirements, Often Up To [6 Years]. Exact Retention May Vary Depending On The Nature Of The Data And Services Provided.
13) Your Rights
You Have Rights Under UK GDPR. You Have The Right To Access Your Personal Data. You Have The Right To Correct Inaccurate Data. You Have The Right To Request Erasure In Certain Circumstances. You Have The Right To Restrict Processing. You Have The Right To Data Portability In Certain Circumstances. You Have The Right To Object To Processing Based On Legitimate Interests Or Direct Marketing. You Have The Right To Withdraw Consent Where Processing Is Based On Consent. You Have The Right To Complain To The UK Information Commissioner’s Office.
To Exercise Your Rights, Please Contact Us At [Email]. We May Need To Verify Your Identity Before Responding.
You Can Complain To The Information Commissioner’s Office If You Are Unhappy With How We Handle Your Data.
14) Cookies And Analytics
Our Website May Use Cookies And Similar Technologies To Make The Site Work Properly. Our Website May Use Cookies And Similar Technologies To Understand How Visitors Use The Site. Our Website May Use Cookies And Similar Technologies To Improve Performance And Content.
You Can Control Cookies Through Your Browser Settings And Where Available Our Cookie Banner Preferences.
Cookie Types May Include Strictly Necessary Cookies For Site Functionality. Cookie Types May Include Analytics Cookies For Traffic Measurement. Cookie Types May Include Marketing Cookies Used Only If Enabled Or Consented.
15) Third Party Links
Our Website May Include Links To Third Party Sites Such As Instagram, Facebook, Or Booking Platforms. We Are Not Responsible For Their Privacy Practices. Please Review Their Privacy Policies.
16) Children’s Privacy
Our Services And Website Are Not Intended For Children Under 18. We Do Not Knowingly Collect Personal Data From Children. If You Believe A Child Has Provided Data, Please Contact Us And We Will Address It.
17) Changes To This Policy
We May Update This Privacy Policy From Time To Time. The Latest Version Will Be Posted On This Page With An Updated Effective Date.
18) Contact Us
If You Have Questions About This Policy Or How We Use Your Data, Please Contact Us.
Email: drrehabaesthetics@gmail.com
Phone: +447856959823
Address: Beautify Spa & Wellness, 313 Preston Rd, Clayton-le-Woods, Chorley PR6 7PY