PRIVACY POLICY

1. INTRODUCTION

LUXURE Collective Ltd (“LUXURE”, “we”, “our”, or “us”) is committed to protecting and respecting your privacy.

This Privacy Policy explains how we collect, use, store, and safeguard your personal information when you visit our website, book services, or engage with our clinic.

LUXURE Collective Ltd is registered in England and Wales.

Company number: 16228167

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and applicable healthcare regulatory standards.

2. INFORMATION WE COLLECT

We may collect and process the following categories of personal data:

Identity & Contact Information

  • Full name

  • Date of birth

  • Address

  • Email address

  • Telephone number

Booking & Service Information

  • Appointment history

  • Treatment preferences

  • Payment confirmations

Health Information (Special Category Data)

  • Medical history

  • Current medications

  • Relevant clinical information necessary for safe treatment

Technical Data

  • IP address

  • Browser type

  • Device information

  • Website usage data collected via cookies and analytics tools

Health data is collected only where necessary for safe clinical assessment and treatment delivery.

3. HOW WE USE YOUR INFORMATION

We use your information to:

  • Manage bookings and appointments

  • Provide safe and appropriate clinical services

  • Conduct medical assessments

  • Communicate regarding services and follow-up care

  • Process payments securely

  • Improve our website and service delivery

  • Comply with legal, regulatory, and professional obligations

  • Send marketing communications where explicit consent has been provided

We do not sell personal data and do not share it for third-party marketing purposes.

4. LEGAL BASIS FOR PROCESSING

We process personal data under one or more of the following lawful bases:

  • Performance of a contract

  • Compliance with legal obligations

  • Legitimate interests in operating and improving our services

  • Explicit consent (including for marketing communications)

  • Provision of healthcare services (special category health data)

5. THIRD PARTY SERVICE PROVIDERS

We use carefully selected third-party providers to support delivery of our services. These may include:

  • Secure medical record management systems (Pabau)

  • Payment processing providers

  • Website hosting platforms

  • Email marketing platforms

  • Analytics services

All third-party providers are required to process personal data in accordance with UK data protection law and maintain appropriate technical and organisational security measures.

We do not permit third parties to use personal data for their own marketing purposes.

6. DATA STORAGE & SECURITY

Clinical records are stored using a secure, UK-compliant medical management system (Pabau), which provides encrypted data storage and controlled access in accordance with healthcare data protection standards.

Personal data is accessed only by authorised personnel.

We implement appropriate technical and organisational measures to protect data from unauthorised access, alteration, disclosure, or loss.

Clinical records are maintained in accordance with professional medical standards and regulatory guidance.

7. INTERNATIONAL DATA TRANSFERS

Where personal data is transferred outside the United Kingdom (for example through secure cloud-based service providers), we ensure appropriate safeguards are in place, including standard contractual clauses or equivalent protective mechanisms as required under UK GDPR.

8. DATA RETENTION

Medical records are retained in accordance with professional regulatory guidance and NHS-aligned clinical record retention standards.

Non-clinical personal data is retained only for as long as necessary to fulfil contractual, legal, or legitimate business purposes.

Where consent for marketing is withdrawn, related marketing data will be removed promptly.

9. CLINICAL PHOTOGRAPHY & MEDIA

Where clinical photographs or media are taken for medical documentation, they form part of the confidential clinical record.

Use of any images for educational or marketing purposes will only occur with separate, explicit written consent.

Clients may withdraw media consent at any time, subject to lawful processing already undertaken.

10. MARKETING COMMUNICATIONS

Where you have opted in to receive communications from LUXURE, you may withdraw consent at any time by using the unsubscribe link provided or contacting us directly.

We do not send unsolicited marketing communications.

11. YOUR RIGHTS

Under UK GDPR, you have the right to:

  • Request access to your personal data

  • Request correction of inaccurate information

  • Request erasure (where legally permissible)

  • Request restriction of processing

  • Withdraw consent (where applicable)

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

Further information about your rights can be found at www.ico.org.uk.

12. CONTACT

If you have any questions regarding this Privacy Policy or your personal data, please contact:

Email: hello@thisisluxure.co.uk

LUXURE Collective Ltd

Registered in England and Wales

Company Number: 16228167