Privacy Policy for Amber Grove Aesthetics and Wellbeing
Last Updated: 19 August 2025
1. Introduction
Welcome to Amber Grove Aesthetics and Wellbeing ("we", "us", "our"). We are committed to protecting and respecting your privacy. This policy explains what personal data we collect from you, how we use it, how we store it, and your rights in relation to it.
This policy applies to information we collect through our website, during consultations, during treatments, and through any other interactions you have with us.
2. Who We Are
-
Company Name: Amber Grove Aesthetics and Wellbeing
-
Data Controller: Amber Grove Aesthetics and Wellbeing
-
Contact Details:
-
Address: The Perfect Collection, 212 Station Road, Rainham, Kent, ME8 7PS
-
Phone Number: 07359 816051
-
For any questions regarding your data, please contact us using the details above.
3. What Information We Collect
We may collect and process the following types of personal data about you:
-
Personal Identification Information: Your full name, date of birth, postal address, email address, and phone number.
-
Special Category (Sensitive) Health Data: Information about your health, medical history, allergies, previous treatments, and any conditions relevant to the services you request. This is essential for providing safe and effective treatments. We may also take and store clinical photographs (before and after) as part of your treatment record, which we will only do with your explicit consent.
-
Transaction Information: Details about payments to and from you and details of the services you have purchased from us. We do not store your full credit/debit card details.
-
Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.
-
Technical Data: Information collected from your visits to our website, such as your IP address, browser type, and operating system.
4. How We Collect Your Information
We collect data in the following ways:
-
Directly from you: When you fill in consultation forms, book an appointment, contact us by phone or email, or subscribe to our newsletter.
-
Automatically: As you interact with our website, we may automatically collect Technical Data about your equipment and browsing actions by using cookies.
5. How and Why We Use Your Data (Lawful Basis for Processing)
We will only use your personal data when the law allows us to. Most commonly, we will use your data in the following circumstances:
-
To Fulfil a Contract: To provide you with the treatments and services you have booked.
-
With Your Explicit Consent: To process your sensitive health data to ensure treatments are safe and appropriate for you. We also rely on your consent to use clinical photographs and to send you direct marketing communications.
-
For our Legitimate Interests: For business administration, record keeping, and to improve our services, provided your interests and fundamental rights do not override those interests.
-
To Comply with a Legal Obligation: For maintaining medical records as required by law and our insurers.
6. Data Storage and Our Use of HubSpot
We are committed to keeping your data secure. Your personal and treatment information is stored digitally using HubSpot, a secure and compliant third-party Customer Relationship Management (CRM) platform.
-
What is HubSpot? HubSpot provides us with a centralised system to manage client relationships, appointments, and marketing communications.
-
Why we use HubSpot: It allows us to securely store your consultation forms, treatment notes, and contact information, ensuring we can provide you with a continuous and safe standard of care.
-
HubSpot's Security: HubSpot is a global company with robust security measures in place to protect your data. You can read more about HubSpot's commitment to privacy here: https://legal.hubspot.com/privacy-policy.
We may also share your data with other trusted third parties such as payment processors or booking systems, but only when it is necessary to provide our services to you.
7. Data Retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or insurance requirements. By law, we are required to keep basic information about our customers (including health and treatment records) for a minimum of 7 years after their last treatment for insurance purposes.
8. Your Data Protection Rights
Under UK data protection law, you have rights including:
-
Your right of access - You have the right to ask us for copies of your personal information.
-
Your right to rectification - You have the right to ask us to rectify information you think is inaccurate or complete information you think is incomplete.
-
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
-
Your right to restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances.
-
Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances.
-
Your right to data portability - You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
-
Your right to withdraw consent - Where we have relied on your consent to process data, you have the right to withdraw that consent at any time.
To exercise any of these rights, please contact us at ambergroveaesthetics@hotmail.com
9. Changes to This Privacy Policy
We may update this policy from time to time. The latest version will always be available on our website. We encourage you to review this policy periodically.
10. How to Complain
If you have any concerns about our use of your personal information, you can make a complaint to us at ambergroveaesthetics@hotmail.com
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address: Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF
Helpline number: 0303 123 1113 ICO website: https://www.ico.org.uk