This website is owned and operated by Heswall Laser Clinic.
Please read them carefully as they contain important information and by visiting and using our website you agree that you have read, understand and agree to them.
SECURITY AND PRIVACY
We use Internet standard encryption technology to scramble your data when you transmit it to us. This process is known as SSL (secure sockets layer) and provides you with the maximum practicable level of security. To check that you are in a secure area of our site, look in the address bar of your browser and look for a closed padlock or an unbroken key.
Your security and peace of mind are of the utmost importance to us and we are constantly striving to safeguard them.
By placing an order with us and/or giving data to us you confirm that you are over the age of 18 and that you understand and agree that the information you provide will be held on our database.
Heswall Laser Clinic shall be the data controller for the purposes of data protection legislation.
The information you provide will be used by us and any necessary third parties to provide you with the products and services you request.
We may communicate with you where there is a legitimate business interest to do so. This will include sending you:
- operational communications – for example for customer care purposes or to keep you updated about the progress of your order when it will be delivered and thereafter any changes to the products and services ordered; and
- marketing communications – for example, to keep you informed about our or carefully selected third party products and services, offers, promotions, prize draws, and competitions etc.
Our communications may be sent by email, telephone (including SMS), via social media platforms (i.e. Facebook/Twitter/Instagram etc.), post, fax and/or any other appropriate means including new technology.
Unless you “opt-out” of our marketing communications, you agree to receive our marketing communications.
We never make your personal details available to third-party companies for their purposes alone.
We may track our emails by including a tiny image file, known as a tracking pixel/beacon/cookie, within certain emails that we send to you.
We track our emails to help us improve the performance of our email campaigns and to help ensure that our emails have been read by you and/or are of interest to you.
Tracking our emails in this way may enable us to gather the following personal data from your device (this list is not exhaustive): confirmation that you opened our email; when you opened our email; how many times you opened our email; from which server you opened our email, including the server’s IP address (and therefore location); which type of device, operating system and/or software you used to open the email; which link(s) to our website(s) you clicked within the email; and when combined with Google Analytics data, the certain activity you subsequently carry out on our website(s).
By using our website or otherwise submitting your email address to us, you agree to us tracking our emails, as detailed above.
If you do not want us to track our marketing emails you should “opt-out” of our marketing communications, as detailed directly below.
“OPTING-OUT” OF MARKETING COMMUNICATIONS
Each marketing communication that you receive from us will include instructions on how you can “opt-out” of future marketing communications. Accordingly, if you want to “opt-out” of future marketing communications please follow those instructions.
Otherwise, you can “opt-out” of future marketing communications at any time by contacting us using the contact details shown on our website or alternatively you may write to us (providing your contact details and any customer/order number) at the following address: Heswall Laser Clinic, The First Shop, Milner Road, Heswall CH60 5RZ, United Kingdom.
PERSONAL DATA BELONGING TO OTHERS
If you provide us with any personal data that does not belong to you:
- the data owner must be over the age of 18;
- you do so having first obtained the data owner’s consent, in accordance with all applicable data protection laws;
- you agree that we may inform the data owner that you have provided us with their personal data.
The following information is provided in accordance with Article 13 of the General Data Protection Regulations 2016 (“GDPR”).
The identity of your data controller is Heswall Laser Clinic and you may contact Heswall Laser Clinic’ Data Protection Officer by writing to: Data Protection Officer, Heswall Laser Clinic, The First Shop, Milner Road, Heswall CH60 5RZ, United Kingdom.
Your personal data will be processed internally by Heswall Laser Clinic in order to enable us to deliver the products and services you have purchased from us.
Your personal data may also be processed by carefully selected third parties (acting as our data processors) so that they can provide us with their products and services which, in turn, enables us to deliver our products and services to you.
We intend to process your personal data where there is a legitimate business interest to do so. This may involve sending you communications, as detailed within the above section headed “communications” as well as for one or more of the following non-exhaustive reasons:
- to provide you with the products and services you have ordered, including from third parties;
- to provide you with information about other products and services that either we or carefully selected third parties offer, which are similar to those that you have purchased or enquired about;
- to notify you about changes to our products and services;
- to improve the performance of our products and services or our website (including search engine optimisation); or
- to carry out market research, business analysis and to collate management information.
The personal data that we collect from you may be transferred, processed and/or stored outside of the European Economic Area (“EEA”). This may take place by ourselves or one of our sub-contractors or suppliers in accordance with all applicable data protection law.
By using our website or otherwise submitting personal information to us, you agree to this transfer, storing or processing and acknowledge that this may mean that your personal information may not be protected to standards similar to those in the EEA.
Your personal data will be processed by us for a period consistent with the GDPR, and for no longer than is necessary.
You have the right to request from us access to and rectification or erasure of personal data or restriction of processing concerning your personal data or to object to the processing as well as the right to data portability, details are set out below.
You may withdraw your consent for us to process your personal data at any time. However, if we need to process your personal data to deliver a product or service to you then we may have to stop providing such product or service to you.
You have the right to complain to the UK’s Information Commissioners Office.
The provision of personal data by you is a contractual requirement in order for us to deliver a product or service to you.
YOUR RIGHTS UNDER THE GDPR
If your personal data is transferred, processed and/or stored outside of the EEA you have the right to be informed of the appropriate safeguards relating to the transfer.
Please note that your rights under the GDPR are set out below:
Article 15 Right of access
- the categories of personal data concerned;
- the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
- where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- the existence of the right to request from us rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing;
- the right to lodge a complaint with a supervisory authority (this being UK’s Information Commissioners Office);
- where the personal data are not collected from you, any available information as to their source;
- the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
Article 16 Right to rectification
You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you, in accordance with the GDPR. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Article 17 Right to erasure (‘right to be forgotten’)
You have the right to obtain from us the erasure of personal data concerning you without undue delay, in accordance with the GDPR. This shall not apply to the extent that processing is necessary; for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims.
If you exercise your right to erasure, you understand, agree and acknowledge that we may be unable to deliver some or all of the products and services that you have ordered and/or enquired about.
Article 18 Right to restriction of processing
You have the right to obtain from us the restriction of processing, in accordance with the GDPR. Where processing has been so restricted such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a European Member State.
If you exercise your right to restriction of processing, you understand, agree and acknowledge that we may be unable to deliver some or all of the products and services that you have ordered and/or enquired about.
Article 20 Right to data portability
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another without hindrance from us where:
- the processing is based on consent pursuant to Article 6(1)(a) or Article 9(2)(a) or on a contract pursuant Article 6(1)(b); and
- the processing is carried out by automated means.
Article 21 Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data, in accordance with the GDPR. In such circumstances, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. If you exercise your right to object, you understand, agree and acknowledge that we may be unable to deliver some or all of the products and services that you have ordered and/or enquired about.
We shall provide a copy of the personal data undergoing processing. For any further copies requested by you, we may charge a reasonable fee based on administrative costs. Where you make the request by electronic means, and unless otherwise requested by you, the information shall be provided in a commonly used electronic form.
We may vary this policy at any time and any variations that we make will be displayed on this page by uploading an updated version of the policy.
You should check this page frequently for any variations and you agree that this is an appropriate method to vary this policy.