Privacy Policy

Last updated: 3rd July 2025

At Aesthetics by Kelly, your privacy matters. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website or receive treatment at the clinic. We’re committed to respecting your privacy and handling your information responsibly and in line with UK GDPR.

Who We Are

Aesthetics by Kelly
Based in Edinburgh, UK
e: kkajmoffat@aol.com
t: 07988602204

Kelly is a fully qualified nurse prescriber and registered healthcare professional with the NMC.

What Personal Data We Collect

We may collect and process the following types of personal data:

  • Contact information: name, email address, phone number

  • Booking details: treatment type, appointment dates

  • Health and medical information: relevant medical history or allergies (collected during consultations)

  • Website usage: IP address, browser type, and activity (via cookies or analytics tools)

We only collect data that’s necessary to deliver your care and improve your experience.

How We Use Your Information

We may use your information to:

  • Arrange and manage appointments

  • Assess suitability for treatment

  • Provide safe and personalised aesthetic care

  • Respond to enquiries or follow up after appointments

  • Send updates about bookings or changes to policies

  • Improve our website and user experience

We do not share your data with third parties for marketing or advertising.

Legal Basis for Processing

Under GDPR, we process personal data based on:

  • Consent – for communication and marketing preferences (you can withdraw at any time)

  • Contract – to provide services you’ve requested

  • Legal obligation – to meet health and safety or medical record requirements

  • Legitimate interest – to improve service quality and respond to enquiries

How We Store & Protect Your Data

Your data is stored securely in password-protected systems and encrypted databases (e.g. booking platforms, email, and clinical records). Access is limited to those who need it to provide your care.

We retain personal and medical data only as long as necessary for treatment and legal obligations (e.g. medical records retention laws).

Your Rights Under GDPR

You have the right to:

  • Access the personal data we hold about you

  • Request correction of inaccurate data

  • Request deletion of your data (where legally applicable)

  • Withdraw consent at any time

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

To exercise any of these rights, please contact us at kkajmoffat@aol.com

Third-Party Services

We may use secure, GDPR-compliant third-party services (e.g. booking systems, payment processors, email providers) to help us run the clinic. These providers may have access to your data only as needed to perform their services.

Cookies and Analytics

We use cookies on our website to enhance your browsing experience and understand how the site is used. See our [Cookies Policy] for full details.

Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted here, and significant updates will be communicated via email if you’re an active client.

Contact Us

If you have any questions about this policy or how your data is handled, please get in touch:
e: kkajmoffat@aol.com
t: 07988602204