Skip to main content

PRIVACY AND COOKIE POLICY

Privacy and Cookie Policy

Wimbledon Clinic Aesthetics
(Trading name of Wimbledon Clinic Ltd)

Last updated: 27.02.2026

1. Introduction

Wimbledon Clinic Aesthetics is a trading name of Wimbledon Clinic Ltd (“we”, “us”, “our”). We are committed to protecting your personal data and respecting your privacy.

This Privacy and Cookie Policy explains:

  • What personal data we collect
  • How and why we use it
  • How we keep it secure
  • Your legal rights
  • How we use cookies on our website

We comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, the Privacy and Electronic Communications Regulations (PECR), and other applicable UK data protection laws.

This policy applies to:

  • Visitors to our website
  • Clients and prospective clients
  • Individuals who contact us by phone, email, social media or in person

2. Who We Are

Data Controller: Wimbledon Clinic Ltd
Trading Name: Wimbledon Clinic Aesthetics
Location: Wimbledon, London, United Kingdom
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Telephone: 020 8540 3389

As the data controller, we are responsible for deciding how your personal data is used and ensuring it is handled lawfully and securely.

3. The Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Information You Provide to Us

This may include:

  • Full name
  • Date of birth
  • Address
  • Email address
  • Telephone number
  • Medical history relevant to aesthetic treatments
  • Treatment records and consultation notes
  • Photographs (with your consent)
  • Payment and billing information
  • Marketing preferences

If you apply for a role with us, we may also collect:

  • CV and employment history
  • Qualifications
  • References

3.2 Health and Special Category Data

As an aesthetics clinic, we process health information to safely provide treatments. This is classed as “special category data” under UK GDPR.

We only process this data when:

  • It is necessary for medical purposes or treatment
  • You have provided explicit consent
  • It is required for legal or regulatory reasons

3.3 Information Collected Automatically (Website Use)

When you visit our website, we may collect:

  • IP address
  • Device type
  • Browser type
  • Pages visited
  • Time spent on pages
  • Referral source (e.g. Google search)

This data is typically anonymised and used for analytics and website improvement.

4. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis to process your personal data. These may include:

  • Consent – where you have given clear permission (e.g. marketing emails, treatment photography)
  • Contract – where processing is necessary to provide treatment or respond to your enquiry
  • Legal obligation – where we are required to retain records (e.g. tax or medical regulations)
  • Legitimate interests – to operate and improve our clinic and services, provided your rights are not overridden

You may withdraw consent at any time by contacting us.

5. How We Use Your Information

We use your personal data to:

  • Provide consultations and aesthetic treatments
  • Maintain accurate medical and treatment records
  • Communicate with you about appointments
  • Process payments and issue invoices
  • Send service updates
  • Respond to enquiries or complaints
  • Comply with legal and regulatory obligations
  • Improve our services and website
  • Send marketing communications (only where you have opted in)

We do not sell your personal data to third parties.

6. Sharing Your Data

We may share your data with:

  • Regulated healthcare professionals within our clinic
  • Payment processors
  • IT and secure cloud storage providers
  • Accountants and legal advisers
  • Regulators or insurers (where legally required)

All third-party providers are required to handle your data securely and in accordance with UK data protection laws.

7. International Transfers

Some of our service providers (such as cloud storage or analytics platforms) may process data outside the UK.

Where this occurs, we ensure appropriate safeguards are in place, such as:

  • UK adequacy regulations
  • Standard Contractual Clauses (SCCs)
  • Secure encrypted systems

8. Data Retention

We only retain personal data for as long as necessary.

For example:

  • Medical and treatment records are retained in line with UK healthcare record-keeping guidelines.
  • Financial records are retained for HMRC requirements (usually 6–7 years).
  • Marketing data is kept until you withdraw consent.

When data is no longer required, it is securely deleted or anonymised.

9. Data Security

We take appropriate technical and organisational measures to protect your data, including:

  • Secure encrypted systems
  • Password-protected databases
  • SSL encryption on our website (https://)
  • Restricted access to sensitive data
  • Secure cloud-based storage

While we take reasonable precautions, no online transmission can be guaranteed 100% secure.

Cookie Policy

10. What Are Cookies?

Cookies are small text files placed on your device when you visit a website. They help the website function properly and provide information about how visitors use it.

11. Types of Cookies We Use

11.1 Essential Cookies

These are necessary for the website to function properly and cannot be switched off.

11.2 Analytics Cookies

We may use tools such as Google Analytics to collect anonymised information about how visitors use our website.

This helps us understand:

  • Which pages are popular
  • How visitors navigate the site
  • How we can improve user experience

Google may store data on secure servers outside the UK. You can read Google’s privacy policy on their website.

11.3 Marketing Cookies

If used, these may track browsing activity to show relevant advertisements. These will only be activated where you have given consent via our cookie banner.

12. Managing Cookies

You can:

  • Accept or reject non-essential cookies via our cookie banner
  • Change your browser settings to block or delete cookies
  • Withdraw consent at any time

Please note that disabling some cookies may affect website functionality.

For more information about cookies, visit the UK Information Commissioner’s Office (ICO) website.

Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request erasure (“right to be forgotten”)
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent at any time
  • Lodge a complaint with the Information Commissioner’s Office (ICO)

Making a Request

To exercise any of your rights, please contact us at:
This email address is being protected from spambots. You need JavaScript enabled to view it.

We aim to respond within one month.

Complaints

If you are unhappy with how we handle your data, you may contact:

Information Commissioner’s Office (ICO)
Website: https://www.ico.org.uk

We would, however, appreciate the opportunity to resolve your concerns first.

13. Third-Party Links

Our website may contain links to external websites. We are not responsible for the privacy practices or content of those websites. Please review their policies before providing personal data.

14. Changes to This Policy

We may update this Privacy and Cookie Policy from time to time. The latest version will always be available on our website with the updated revision date.

If you have any questions about this policy or how we handle your personal data, please contact Wimbledon Clinic Aesthetics directly.

Wimbledon Clinic Aesthetics
Trading name of Wimbledon Clinic Ltd
Wimbledon, London
United Kingdom