How information about you will be used

Who are we?

Exthetics is a company providing a range of non-surgical beauty treatments.

Why we process your data?

You, or your authorised third party, has provided us with your data in order to:

  1. provide you with information about our services, or
  2. provide you with our services, or
  3. both of the above

The data we generally process is not publicly available, however, we may obtain information from other third parties where you have consented for those third parties to share your data or where there is a legitimate interest to do so. For example, where a payment is owed to us we may obtain your current address and contact details amongst other data from public records such as the Land Registry or to check information with Credit Reference Agencies to ensure we hold correct details for you.

What data do you hold about me?

We hold necessary information to be able to provide you with any of the services described above, ensure a complete medical history is maintained (where appropriate) and to keep you up to date with our services (where you have asked for us to do so). For example, your name, address, date of birth, medical history (where applicable) and contact details.

We will also keep a selection of photographs and/or video of your treatment (if applicable) in order to ensure the highest quality of service. We will not transfer this to any other third party without your permission, unless you agree to us using such media for our marketing purposes.

We will also hold necessary data in order to pursue our legitimate interests including keeping you up to date with our services.

How will you use my personal information?

Our use of your data will be to allow us to supply our services, ensure your contractual obligation is met and to protect your health.

  • Providing your treatment;
  • Ensuring your treatment is safe;
  • Making reasonable adjustments;
  • Providing healthcare professionals with information about treatment where this is vital to your health;
  • Debt recovery;
  • Managing and/or monitoring your account;
  • Auditing;
  • Statistical analysis;
  • Fraud prevention;
  • Sharing with Credit Reference Agencies or approved third party suppliers.

We will only use your personal data for marketing purposes where you have agreed we can do so in advance or where you have previously been a customer of ours. We will never pass your data onto a third party for marketing purposes.

The processing of your data is necessary for the performance of the contract you entered into with us. The processing of your health information is necessary for compliance with our legal obligations, as such this data will be retained for longer.

Who will you share my data with?

All the personal data we hold about you will be processed within the EU or to any country that can guarantee adequate protection under the data protection legislation.

We process your data to the following organisations:

  • Timely as this firm provides computer systems we use, they do not pass your data to any other third party.
  • Aesthetic Nurse Software as this firm provides computer systems we use, they do not pass your data to any other third party.
  • Go Cardless, as this firm provides payment plans, where you are making payments on a monthly basis.

We may disclose information outside of these groups to help prevent fraud, or if required to do so by law.

Sensitive personal data

(Before having a treatment) It would benefit you to notify us of any health condition, disability, treatment history and/or personal information relating to your private life that may impact on the services we offer. This will allow us to take reasonable steps to accommodate your needs or requirements and to ensure safe treatment.

We will process this data under our legal obligation to provide safe healthcare services. This information will be used by us to assist you and will be kept as long as it is required for this purpose.


How long is my data retained?

We will generally retain your data for six years after our services have finished, after which time it will be deleted or anonymised if it is no longer required for the lawful purpose for which it was obtained. However, where the data is required to ensure safe treatment, we will maintain this for 20 years.

If you have provided us with your data for marketing purposes and have not accessed a product or service, we will delete the data after one year.

What are my rights?

Under data protection legislation you have several rights regarding the use of your personal data, as follows:

  • If at any point you wish to either confirm whether your personal data is being processed and/or you require access to the data we hold on you, you can request to see this information, and we will respond within a month.
  • You also have the right for certain data you have provided us with to be provided to you in structured and commonly used electronic format (for example, a Microsoft Excel file), so that you can move, copy or transfer this data easily to another data controller.
  • You are entitled to have data corrected if it is inaccurate or incomplete.
  • Whilst you are entitled to have data deleted if it is no longer needed or there is no longer a legitimate reason for processing, or the data is question has otherwise unlawfully been processed, it is unlikely we will delete your data unless you have settled the account or it is closed
  • You have the right to object to the processing of your personal data.
  • You have the right to restrict the processing of your personal data under certain circumstances, including if you have contested its accuracy, or if we are reviewing an objection you have raised in relation to its processing.
  • Where we process your data on the basis of consent, which will usually be the case for data we use to provide you with information about our services, you have with right to ask us to delete that data

How to use any of the rights stated above or complain about the use of your data

Last updated: 6th of June 2024

Google Rating
Based on 32 reviews