top of page

Privacy & Cookie Policy

Effective Date: 1st March 2026

JB Aesthetics is committed to protecting your privacy and ensuring your personal data is handled securely and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our services or visit our website.

1. DATA CONTROLLER

JB Aesthetics is the Data Controller responsible for your personal data.

JB Aesthetics
UNTIL, 1 Orchard Street, W1H 6HJ
Email: info@jbaesthetics.com
Telephone: +44 7774 569396

If you have any questions about this Privacy Policy or your personal data, please contact us using the details above.

2. WHAT PERSONAL DATA WE COLLECT

We may collect and process the following personal information:

Identity and Contact Data

  • Full name

  • Date of birth

  • Address

  • Email address

  • Telephone number

 

Medical Information (Special Category Data)

  • Medical history

  • Consultation records

  • Treatment records

  • Medication information

  • Allergies

  • Clinical photographs

This information is necessary to safely assess and provide medical and aesthetic treatments.

 

Website and Enquiry Data

When you submit an enquiry via our website, we may collect:

  • Name

  • Email address

  • Telephone number

  • Any information you provide in your enquiry

You will be required to confirm that you have read and understood this Privacy Policy before submitting your personal data.

 

Website Usage Data

Our website may automatically collect certain technical data, including:

  • IP address

  • Browser type and version

  • Device type

  • Pages visited

  • Website interaction data

This information is used to improve website functionality and performance.

 

 

3. HOW WE COLLECT YOUR DATA

We collect personal data when you:

  • Book an appointment

  • Attend a consultation or treatment

  • Complete medical or consent forms

  • Contact us via phone, email, or website

  • Submit website enquiry forms

  • Subscribe to marketing communications

 

4. HOW WE USE YOUR PERSONAL DATA

We use your personal data to:

  • Provide safe and appropriate medical and aesthetic treatments

  • Assess your suitability for treatment

  • Maintain accurate medical records

  • Communicate with you regarding appointments and aftercare

  • Respond to enquiries

  • Improve our services

  • Meet legal and regulatory obligations

 

 

5. LEGAL BASIS FOR PROCESSING YOUR DATA

 

Under UK GDPR, we rely on the following lawful bases:

  • Medical Care

  • Processing is necessary for the provision of healthcare and medical treatment.

  • Legitimate Interests

  • Processing is necessary to operate and manage our clinic safely and effectively.

  • Legal Obligation

  • Processing is necessary to comply with legal and regulatory requirements.

 

Consent

We rely on your consent for marketing communications and optional use of clinical photography.

You may withdraw your consent at any time.

6. MEDICAL RECORDS STORAGE

Your medical records are securely stored using encrypted electronic medical records software, Pabau.

Your medical records are retained indefinitely to:

  • Ensure continuity of care

  • Protect patient safety

  • Meet legal and regulatory requirements

  • Protect JB Aesthetics in the event of medico-legal claims

Access to your data is restricted to authorised personnel only.

 

 

7. MARKETING COMMUNICATIONS

We may use your contact details to send you marketing communications, including:

  • Information about treatments and services

  • Special offers and promotions

  • Clinic updates

  • Invitations to events

 

These communications may be sent via:

  • Email

  • SMS

  • Telephone

 

You may withdraw your consent at any time by:

  • Clicking the unsubscribe link in marketing emails, or

  • Contacting us directly using the contact details provided above.

 

We will never sell or share your personal data with third parties for marketing purposes.

 

 

8. SHARING YOUR DATA

We do not sell your personal data.

We may share your personal data where necessary, including with:

  • Secure medical software providers (such as Pabau)

  • Healthcare professionals involved in your care

  • Legal or regulatory authorities where required

 

All third parties are required to comply with UK GDPR.

 

 

9. DATA SECURITY

We implement appropriate technical and organisational measures to protect your personal data, including:

  • Secure electronic medical record systems

  • Encrypted data storage

  • Restricted access to authorised personnel

 

 

10. COOKIES

Our website uses cookies to improve functionality and user experience.

Cookies may be used to:

  • Ensure proper website operation

  • Analyse website traffic

  • Improve website performance

You can manage cookie preferences through your browser settings.

 

 

11. YOUR RIGHTS UNDER UK GDPR

You have the right to:

  • Request access to your personal data

  • Request correction of inaccurate data

  • Request erasure of your data where legally permitted

  • Request restriction of processing

  • Object to processing

  • Request transfer of your personal data

To exercise your rights, please contact us using the contact details provided above.

 

 

12. COMPLAINTS

If you are unhappy with how your personal data is handled, please contact us first so we can resolve your concerns.

Email: info@jbaesthetics.com

We will acknowledge complaints within 2 working days. We aim to resolve complaints promptly and fairly.

 

 

13. THIRD PARTY LINKS

Our website may contain links to external websites. We are not responsible for their privacy policies or practices.

 

 

14. UPDATES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time.

bottom of page