Privacy policy

Last updated: 22/01/2026

HER² Skin Clinic (“we”, “us”, “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store and protect your personal data when you interact with us, including through our website, booking systems, consultations, treatments and communications. We take the protection of your personal data very seriously and strictly adhere to the rules laid out by data protection laws and the General Data Protection Regulation (GDPR-EU and GDPR-UK)

1. Who We Are

HER² Skin Clinic is a skin and aesthetics clinic based in the UK.

Contact email: her2@rehabandrecover.co.uk
Registered address: Unit 2 - Rehab And Recover One Stop Golf, National Avenue, Hull, United Kingdom, HU5 4JB

2. What Personal Data We Collect

We may collect and process the following types of personal data:

a) Identity & Contact Data

  • Name

  • Date of birth

  • Email address

  • Phone number

  • Postal address

  • Next of Kin 

b) Health & Treatment Data (Special Category Data)

  • Medical history relevant to treatments

  • Skin concerns and conditions

  • Consultation notes and treatment plans

  • Treatment outcomes and aftercare notes

  • Clinical photographs taken for medical records (with consent)

  • GP contact details

c) Technical Data

  • IP address

  • Browser type and version

  • Device information

  • Website usage data via cookies

d) Booking & Payment Data

  • Appointment history

  • Payment records (we do not store full card details)

3. How We Collect Your Data

We collect data when you:

  • Complete forms on our website

  • Book appointments online or in person

  • Attend consultations or treatments

  • Communicate with us by email, phone, or social media

  • Opt in to marketing communications

4. Lawful Basis for Processing Your Data

We process your personal data under the following lawful bases:

  • Contractual necessity – to provide booked treatments and services

  • Legal obligation – to maintain medical records and comply with regulatory requirements

  • Legitimate interests – for clinic administration, record keeping, and service improvement

  • Consent – for marketing communications and clinical photography

  • Vital interests – where necessary to protect your health or safety

5. How We Use Your Data

We use your personal data to:

  • Provide safe and appropriate aesthetic treatments

  • Maintain accurate clinical records

  • Manage appointments and client communication

  • Process payments

  • Improve our services and client experience

  • Meet legal, insurance, and regulatory obligations

  • Send marketing communications where consent has been given

6. How We Store and Protect Your Data

Your personal and medical data is securely stored using Aesthetics Nurse Software, which we use as our booking, consultation, and clinical notes management system.

We take appropriate technical and organisational measures to protect your data, including:

  • Secure, encrypted systems

  • Password-protected access

  • Restricted access to sensitive information

  • Secure handling of any physical records

Data is retained only for as long as necessary to meet clinical, legal, and regulatory requirements.

7. Sharing Your Data

We do not sell or trade your personal data.

We may share your data with:

  • Aesthetics Nurse Software (our secure booking and clinical records system)

  • Payment processing providers

  • Professional advisers (such as accountants or insurers)

  • Regulatory bodies or legal authorities where required by law

All third-party service providers are required to comply with UK data protection legislation and act only on our instructions.

8. Marketing Communications

You will only receive marketing communications from us if:

  • You have explicitly opted in, or

  • You are an existing client receiving information about relevant services

You may withdraw your consent at any time by:

  • Clicking the unsubscribe link in emails

  • Contacting us directly at her2@rehabandrecover.co.uk

9. Your Data Protection Rights

Under UK GDPR, you have the right to:

  • Access your personal data

  • Request correction of inaccurate or incomplete data

  • Request erasure of your data (where legally permitted)

  • Restrict or object to processing

  • Request data portability

  • Withdraw consent at any time

To exercise your rights, please contact: her2@rehabandrecover.co.uk

10. Cookies

Our website uses cookies to enhance functionality and analyse website usage.
Further information can be found in our Cookie Policy.

11. Data Retention

Clinical and treatment records are retained in line with:

  • ICO guidance

  • Professional standards

  • Insurance and legal requirements

Non-clinical personal data is retained only as long as necessary for its purpose.

12. Complaints

We take any complaints about our collection and use of personal information very seriously. If you think that our collection or use of personal information is unfair, misleading, or inappropriate, or have any other concern about our data processing, please raise this with us in the first instance. 

To make a complaint, please contact us via email on her2@rehabandrecover.co.uk or write to: Unit 2 - Rehab And Recover One Stop Golf, National Avenue, Hull, United Kingdom, HU5 4JB

You can also complain to the ICO if you are unhappy with how we have used your data. The ICO’s address: Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF 

Helpline number: 0303 123 1113 

Information Commissioner’s Office (ICO):

www.ico.org.uk

13. Changes to This Policy

We may update this Privacy Policy periodically. The latest version will always be available on our website.