top of page

+44 7394 050 334

|

82A Baker Street, W1U 6AA

Privacy Policy

Last updated: 26/08/2025.

Sigma Clinic Ltd (“we”, “our”, “us”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Sigma Clinic Ltd, registered in England & Wales under company number [insert], with its registered office at 82A Baker Street, London, W1U 6AA, is the Data Controller responsible for your personal data.

1. Information We Collect

We may collect the following types of information when you use our services:

  • Identity Data – full name, date of birth, gender.

  • Contact Data – email, telephone number, billing and postal address.

  • Health Data (special category data) – medical history, allergies, medications, and treatment notes (necessary to ensure your safety).

  • Financial Data – payment details (processed securely by third-party providers, we do not store card numbers).

  • Technical Data – IP address, browser type, operating system, cookies, and analytics data.

  • Marketing & Communication Data – your preferences for receiving promotional materials.

 

We do not knowingly collect data relating to children under the age of 18 without verified parental or guardian consent.

2. How We Collect Your Information

  • Directly from you – when booking, completing consultation forms, or contacting us.

  • Automatically – through cookies and analytics when you use our website.

  • From third parties – such as payment processors, booking platforms, or referral partners (where legally permitted).

3. How We Use Your Information

We process your personal data under the following lawful bases:

  • Contractual necessity – to provide treatments, consultations, and manage your bookings.

  • Legal obligation – to maintain medical records in line with healthcare regulations.

  • Consent – for sending marketing communications and for processing special category health data.

  • Legitimate interests – to improve services, prevent fraud, and monitor website performance.

 

Purposes include:

  • Safely providing aesthetic treatments.

  • Managing appointments, billing, and payments.

  • Sending reminders, service updates, and offers (where consented).

  • Meeting regulatory, clinical, and health & safety requirements.

4. Special Category Data

Health data is classed as “special category data” under UK GDPR. We process this information only:

  • Where necessary for medical and treatment purposes, and

  • With your explicit consent provided through consultation and consent forms.

5. Sharing Your Information

We do not sell your personal data. We may share it with:

  • Qualified practitioners providing your treatments.

  • IT service providers, booking and payment platforms (e.g. [insert providers]).

  • Regulators, insurers, or legal authorities where legally required.

  • Marketing and communications platforms (only with your explicit consent).

 

If data is transferred outside the UK/EEA (for example, by Google or Meta), we ensure safeguards such as Standard Contractual Clauses are in place.

6. Data Retention

We retain personal data only as long as necessary:

  • Medical records – at least 10 years, in line with clinical guidelines.

  • Financial records – as required by HMRC (typically 6 years).

  • Marketing data – until you withdraw consent.

  • Enquiry forms, cookies, and analytics data – no longer than 24 months.

7. Your Rights

Under UK GDPR, you have the right to:

  • Access and request a copy of your data.

  • Rectify incorrect or incomplete information.

  • Erase your data (“right to be forgotten”), subject to medical/legal requirements.

  • Restrict or object to processing.

  • Withdraw consent at any time.

  • Data portability (where applicable).

  • Lodge a complaint first with us, and if unresolved, with the Information Commissioner’s Office (ICO) at www.ico.org.uk.

8. Automated Processing

We do not carry out automated decision-making or profiling with your personal data.

9. Security

We use industry-standard measures, including SSL encryption, secure servers, and restricted access controls, to protect your data from loss, misuse, or unauthorised access.

10. Cookies

We use cookies and similar technologies on our website. Please see our Cookies Policy for details.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be published on this page with an updated date.

12. Contact Us

For privacy queries or to exercise your rights, please contact:

📧 info@sigmaskinclinic.co.uk

📍 Sigma Clinic, 82A Baker Street, London, W1U 6AA

📞 +44 [insert phone number]

bottom of page