Privacy Policy

This Privacy Policy explains how London Aesthetics and Regenerative Centre Ltd. T/A Revitalise London (Company number: 14246197), registered at 22 Harley Street, London, England, W1G 9PL, collects, uses, and protects your personal information. We are committed to safeguarding your privacy, protecting your data, and being transparent about how we use it. This policy applies to all personal data collected through our website, in our clinic, and via related services.

1. Information We Collect

We may collect and process the following types of personal information:

• Identity and Contact Data: Name, date of birth, address, email address, and phone number.

• Health and Medical Data: Information about your health, medical history, allergies, medications, clinical notes, and treatment details. This is classified as special category data under GDPR.

• Financial Data: Payment details for appointment bookings and treatment fees.

• Technical and Usage Data: Information about your use of our website (e.g., IP address, browser type, operating system, pages visited).

• Communication Data: Records of communications and correspondence between you and our clinic.

2. How We Use Your Information

We use your personal data for the following purposes:

• To Provide Clinical Services: Diagnose conditions, create treatment plans, and deliver medical care.

• To Manage Your Care: Schedule and manage appointments, process payments, and maintain medical records.

• To Communicate with You: Send appointment confirmations, reminders, and updates regarding your care.

• For Internal Administration: Manage clinic operations, maintain accurate records, and comply with regulatory obligations.

• For Marketing (with Consent): If you opt in, we may send updates, newsletters, or information about our services. You can withdraw consent at any time by clicking “unsubscribe” in emails or contacting us directly.

3. Legal Basis for Processing

We process personal data under the following lawful bases:

• Consent – when you explicitly agree (e.g., for marketing communications).

• Contract – when processing is necessary to deliver services you have booked.

• Legal Obligation – when required by law or regulation.

• Legitimate Interests – when necessary for business operations, provided your rights are not overridden.

• Vital Interests – in rare cases, to protect life or health.

For sensitive medical data, the primary lawful basis is the provision of healthcare and treatment.

4. Sharing Your Information

We do not sell or trade your personal information. We may share data with:

• Healthcare Professionals – our medical team and relevant specialists for continuity of care.

• Service Providers – trusted third-party partners (e.g., IT support, payment processors, accredited laboratories). These providers must process data securely and only as instructed.

• Regulators and Legal Authorities – when required by law.

If personal data is transferred outside the UK (e.g., for cloud storage or IT services), we ensure adequate safeguards are in place such as UK adequacy regulations or standard contractual clauses.

5. Data Storage and Security

• Data is stored securely in encrypted systems and/or locked physical files with restricted access.

• Access is limited to authorised staff under confidentiality agreements.

• Medical records are retained in line with NHS and GMC guidelines:

  • Adults: usually 8 years after last contact.

  • Children: until the patient’s 25th birthday.

  • Cancer treatment records: may be retained indefinitely.

• When data is no longer needed, it is securely deleted or destroyed.

6. Your Rights

Under data protection law, you have the right to:

• Access your personal data.

• Request correction of inaccurate or incomplete data.

• Request erasure of your data (“right to be forgotten”).

• Restrict processing of your data.

• Request data portability (receive your data in a usable format).

• Object to processing (including marketing).

To exercise these rights, please contact us using the details below.

7. Cookies Policy

Our website uses cookies to improve browsing, analyse traffic, and personalise content. You can adjust your browser settings to refuse cookies, but some features may not function properly.

8. Data Retention

We will retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy, including legal, accounting, or reporting requirements. Clinical data retention follows the guidelines set out above.

9. Complaints

If you are concerned about how we handle your data:

• You may first contact us directly (see contact details below).

• If unresolved, you have the right to complain to the Information Commissioner’s Office (ICO):

  • Website: www.ico.org.uk

  • Helpline: 0303 123 1113

  • Address: ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

For complaints relating specifically to clinical care, you may also contact the Care Quality Commission (CQC):

• Website: www.cqc.org.uk

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website, with the date of the last update clearly displayed.

11. Contact Information

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

• Email: enquiries@revitaliselondon.co.uk

• Phone: +44 20 4552 4481

• Address: Revitalise London Ltd, 22 Harley Street, London, England, W1G 9PL