Rediscovered Skin Clinic is the sole owner of the information collected on this site. We will not sell, share, or rent this information to others. Rediscovered Skin Clinic collects information from our users at several different points on our website.

What personal data do we collect about you?

Personal data means any information capable of identifying an individual. It does not include anonymised data.

We may process certain types of personal data about you as follows:

• Identity Data may include your first name, maiden name, last name, username, marital status, title, date of birth and gender.
• Contact Data may include your billing address, delivery address, email address and telephone numbers.
• Financial Data may include your bank account and payment card details.
• Transaction Data may include details about payments between us and other details of purchases made by you.
• Technical Data may include your login data, internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access this site.
• Profile Data may include your username and password, purchases or orders, your interests, preferences, feedback and survey responses.
• Usage Data may include information about how you use our website, products and services.
• Marketing and Communications Data may include your preferences in receiving marketing communications from us and our third parties and your communication preferences.

We may also process Aggregated Data from your personal data but this data does not reveal your identity and as such in itself is not personal data. An example of this is where we review your Usage Data to work out the percentage of website users using a specific feature of our site. If we link the Aggregated Data with your personal data so that you can be identified from it, then it is treated as personal data.

Sensitive Data:
We may need to collect the following sensitive data about you in order to deliver certain treatments or services within the clinic: certain details pertaining to your medical history.

How do we collect your personal data:

We collect data about you through a variety of different methods including:

Direct interactions: 
You may provide data by filling in forms on our site (or otherwise) or by communicating with us by post, phone, email or otherwise, including when you:

• order our products or services;
• subscribe to our service or publications;
• request resources or marketing be sent to you;
• enter a competition, prize draw, promotion or survey; or
• give us feedback.

Automated technologies or interactions: 

As you use our site, we may automatically collect Technical Data about your equipment, browsing actions and usage patterns. We collect this data by using cookies, server logs and similar technologies. We may also receive Technical Data about you if you visit other websites that use our cookies.

• analytics providers such as Google based outside the EU;
• advertising networks such as Facebook based outside the EU;
• Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as PayPal, ConvertKit, WordPress and Timely based outside the EU.
• Identity and Contact Data from publicly availably sources such as Companies House and the Electoral Register based inside the EU.

How do we use your personal data:

We will only use your personal data when legally permitted. The most common uses of your personal data are:

• Where we need to perform the contract between us.
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
• Where we need to comply with a legal or regulatory obligation.

Generally, we do not rely on consent as a legal ground for processing your personal data, other than in relation to sending marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by emailing us at enquiry@rediscoveredskinclinic.co.uk

Purposes for processing your personal data:

Set out below is a description of the ways we intend to use your personal data and the legal grounds on which we will process such data. We have also explained what our legitimate interests are where relevant.

We may process your personal data for more than one lawful ground, depending on the specific purpose for which we are using your data. Please email us at enquiry@rediscoveredskinclinic.co.uk if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

We use your personal data for the following purposes:

1. To register you as a new customer.
2. Tom process and delivery of your order including managing payments, fees and charges and collecting money you owed to us.
3. To manage our relationship with you which will include: notifying you about changes to our terms or privacy policy and asking you to leave a review or take a survey.
4. To enable you to partake in a prize draw, competition or complete a survey.
5. To deliver relevant content and advertisements to you and measure and understand the effectiveness of our advertising.
6. To use data analytics to improve our website, products/services, marketing, customer relationships and experiences.
7. To make suggestions and recommendations to you about goods or services that may be of interest to you.

Marketing communications:

You will receive marketing communications from us if you have:

1. requested information from us or purchased goods or services from us; or
2. if you provided us with your details when you entered a competition or registered for a promotion or free resources; and
3. in each case, you have not opted out of receiving that marketing.

We do not share your data with third parties for marketing communication purposes.

You can ask us to stop sending you marketing messages at any time by emailing us at enquiry@rediscoveredskinclinic.co.uk at any time.

Where you opt out of receiving our marketing communications, this will not apply to personal data provided to us as a result of a service purchase, product/service experience or other transactions.

Change of purpose:

We will only use your personal data for the purposes for which we collected it.

Disclosures of your personal data:

We may have to share your personal data with the parties set out below for the purposes set out in the table above:

• Service providers who provide IT and system administration services.
• Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
• HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances.

We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.

International Transfers:

We share your personal data within our group of companies which involves transferring your data outside the European Economic Area (EEA).

Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria.

Many of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.

Cookies:

A cookie is a piece of data stored on the user’s hard drive containing information about the user. Usage of a cookie is in no way linked to any personally identifiable information while on our site. Once the user closes their browser, the cookie simply terminates. For instance, by setting a cookie on our site, the user would not have to log in a password more than once, thereby saving time while on our site. If a user rejects the cookie, they may still use our site.

Log files:

We use IP addresses to analyse trends, administer the site, track user’s movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.

Security:

This website takes every precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected both online and off-line.

We do not ask for sensitive information such as credit card numbers online.

We do everything in our power to protect user-information off-line. All of our users’ information, not just the sensitive information mentioned above, is restricted in our offices. Only employees who need the information to perform a specific job (for example, billing or customer services) are granted access to personally identifiable information.

If you have any questions about the security at our website, you can contact us here.

Site and service updates:

We may send the user site and service announcement updates. Customers are not able to un-subscribe from service announcements, which contain important information about the service. We communicate with the user to provide requested services and in regards to issues relating to their account via email or phone.

Notification of changes:

If we decide to change our privacy policy, we will post those changes on this page so our users are always aware of what information we collect, how we use it, and under circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.