Privacy
Policy

Who We Are

Signature Aesthetics by Paula is a nurse-led aesthetic clinic based at The Old Brewery, Castle Eden, Hartlepool, TS27 4SU. For the purposes of UK data protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, Signature Aesthetics by Paula is the Data Controller.

If you have any questions regarding this Privacy Policy or how your data is handled, please contact: Email: signatureaestheticsbypaula@outlook.com · Address: The Old Brewery, Castle Eden, Hartlepool, TS27 4SU.

Information We Collect

We may collect and process personal data including full name, date of birth, address, email address, telephone number, medical history and health information, treatment records and consultation notes, consent forms, payment and booking information, and training enrolment details where applicable.

We may also collect IP address, browser type, device information, pages visited, booking interaction data and cookie information.

Third-party booking systems such as Aesthetic Nurse Software may process relevant personal and medical data for appointments and records.

How We Use Your Information

We use your information to provide safe and appropriate treatments, assess medical suitability, maintain records, process bookings and payments, contact you about appointments and aftercare, respond to enquiries, meet legal and insurance obligations, and improve our website and services.

Marketing communications are only sent where a user has opted in.

Legal Basis for Processing

We process data under consent, performance of a contract, legal obligation, vital interests, and legitimate interests. Medical data is special category data and is processed under Article 9 of UK GDPR for healthcare provision.

Data Storage and Security

Information is stored securely using password-protected and encrypted systems. Appropriate technical and organisational measures are in place. Clinical records are retained in line with professional and insurance requirements, typically for a minimum of 7 years.

Sharing Your Information

Data is only shared where necessary and lawful, including with booking system providers, payment processors, professional indemnity insurers, regulatory bodies where required, and medical professionals where appropriate and with consent. We do not sell personal data.

Cookies

The website uses cookies to improve user experience and performance. Users may disable cookies in browser settings.

Your Rights

Under UK GDPR, users have rights including access, correction, erasure where legally permissible, restriction, objection, portability and withdrawal of consent. To exercise rights, email signatureaestheticsbypaula@outlook.com.

Data Retention

Medical and treatment records are retained for a minimum of 7 years. General enquiry data may be retained for a shorter period unless required for legal purposes.

Children

The clinic does not knowingly provide aesthetic treatments to individuals under 18. Proof of age may be required.

External Links

The website may contain links to third-party websites and is not responsible for their privacy policies or content.

Changes to This Policy

The policy may be updated and the latest version will always be available on the website.