DermaNutriCare logo DermaNutriCare
Home Services About Us Contact
Book Consultation
DermaNutriCare Ltd
125 Harley Street, London
Mon-Fri: 9:00-18:00, Sat: 10:00-16:00
+44 20 7123 4567

Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your personal information.

Last updated: December 2024

Effective date: December 2024

1. Introduction

DermaNutriCare Ltd ("we," "our," or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.dermanutricare.com and use our services.

This policy applies to all information we collect through our website, services, and communications. By using our services, you consent to the data practices described in this policy.

We are a registered company in England and Wales (Company Registration Number: 12345678) with our registered office at 125 Harley Street, Marylebone, London W1G 6BA, United Kingdom. We operate under the UK GDPR and Data Protection Act 2018.

2. Information We Collect

We collect several types of information from and about users of our website and services:

Personal Information

  • Contact information (name, email address, phone number)
  • Billing and shipping addresses
  • Medical information relevant to dermatological care (only with your explicit consent)
  • Payment information (processed securely through third-party providers)
  • Account credentials and profile information
  • Communication preferences

Automatically Collected Information

  • IP address and location data
  • Browser type and version
  • Device information and operating system
  • Pages visited and time spent on our site
  • Referring website information
  • Usage patterns and preferences

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience. For detailed information about our use of cookies, please see our Cookie Policy.

3. How We Use Your Information

We use the information we collect for various purposes, including:

Service Provision

  • Providing dermatological consultations
  • Processing orders and payments
  • Delivering products and services
  • Managing your account

Communication

  • Responding to inquiries
  • Sending appointment confirmations
  • Providing customer support
  • Marketing communications (with consent)

Legal and Security

  • Compliance with legal obligations
  • Fraud prevention
  • Data security and protection
  • Regulatory reporting

Improvement and Analytics

  • Website optimization
  • Service improvement
  • User experience enhancement
  • Research and development

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

Service Providers

We may share information with trusted third-party service providers who assist us in operating our website, conducting business, or serving users. These providers have access only to perform these tasks on our behalf and are obligated to protect your information.

Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities, or to enforce our terms and conditions.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction, with appropriate notice provided.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption of sensitive data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication measures
  • Staff training on data protection and security
  • Secure data storage and backup procedures
  • Incident response and breach notification procedures

While we strive to protect your personal information, please note that no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but continuously monitor and improve our security practices.

6. Your Rights Under GDPR

Under UK GDPR, you have the following rights regarding your personal information:

Right of Access

You can request confirmation of whether we process your personal data and access to your data and related information.

Right to Rectification

You can request correction of inaccurate personal data or completion of incomplete data.

Right to Erasure

You can request deletion of your personal data under certain circumstances, such as when the data is no longer necessary for its original purpose.

Right to Restrict Processing

You can request restriction of processing of your personal data under specific conditions.

Right to Data Portability

You can request transfer of your personal data to another organization in a structured, commonly used format.

Right to Object

You can object to processing of your personal data for direct marketing purposes or based on legitimate interests.

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section below. We will respond to your request within one month.

7. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience. Cookies are small text files stored on your device that help us:

Essential Cookies

Required for basic website functionality and security

Analytics Cookies

Help us understand how visitors interact with our website

Marketing Cookies

Used to deliver relevant advertisements and measure effectiveness

You can control cookie settings through your browser preferences. However, disabling certain cookies may affect website functionality. For detailed information about our use of cookies, please see our Cookie Policy.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our retention periods include:

  • Customer Information: 7 years after last interaction (for regulatory compliance)
  • Medical Records: As required by healthcare regulations (minimum 10 years)
  • Marketing Data: Until you withdraw consent or 3 years, whichever is shorter
  • Website Analytics: 26 months from collection
  • Financial Records: 7 years for tax and accounting purposes

When information is no longer needed, we securely delete or anonymize it in accordance with our data retention policies and applicable laws.

9. International Data Transfers

Your personal information may be transferred to and processed in countries other than the UK. When we transfer data outside the UK or European Economic Area (EEA), we ensure appropriate safeguards are in place:

  • Adequacy decisions by the UK government or European Commission
  • Standard Contractual Clauses approved by regulatory authorities
  • Binding Corporate Rules for intra-group transfers
  • Certification schemes and codes of conduct

For service providers located outside the UK/EEA, we implement appropriate contractual and technical measures to ensure your data receives adequate protection.

10. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

For parents or guardians who believe their child has provided personal information to us, please contact us immediately using the information below.

Note: In the UK, parental consent is required for processing personal data of children under 13. For children aged 13-16, consent may be required depending on the service.

11. Data Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify the Information Commissioner's Office (ICO) within 72 hours of becoming aware of the breach.

When required, we will also notify affected individuals without undue delay, providing information about:

  • The nature of the data breach
  • Likely consequences of the breach
  • Measures taken or proposed to address the breach
  • Steps individuals can take to protect themselves
  • Contact information for further assistance

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:

  • We will update the "Last updated" date at the top of this policy
  • Significant changes will be highlighted prominently on our website
  • Material changes will be communicated via email to registered users
  • Continued use of our services constitutes acceptance of the updated policy

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

General Inquiries

Company: DermaNutriCare Ltd

Address: 125 Harley Street, Marylebone, London W1G 6BA, United Kingdom

Phone: +44 20 7123 4567

Email: [email protected]

Business Hours

Monday - Friday: 9:00 AM - 6:00 PM

Saturday: 10:00 AM - 4:00 PM

Sunday: Closed

Data Protection Officer

For specific data protection inquiries, you can also contact our Data Protection Officer:

Email: [email protected]

Right to Lodge a Complaint

If you are not satisfied with our response to your concerns, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Website: ico.org.uk

Phone: 0303 123 1113

Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF