Privacy Policy - Harley Hair DX

1. Introduction

Harleyhairdx (“we”, “us”, “our”) is committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us in compliance with the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018.

2. Who we are

Harleyhairdx

3rd Floor, 2 Harley Street, London W1G 9PA – Head Office Surgical Location

UNTIL, 1 Orchard St, London W1H 6HJ

Data Protection Officer: Operations Director
Contact: info@harleyhairdx.com

3. What information we collect

We may collect and process the following data about you:

Identity Data: Name, date of birth, gender.
Contact Data: Address, email, phone number.
Medical Data: Relevant health information necessary for your consultation, treatment planning, or procedures.
Financial Data: Payment card details or bank details for transactions.
Technical Data: IP address, browser type, and browsing actions collected via cookies.
Marketing and Communications Data: Your preferences in receiving marketing from us.

4. How we collect your information

Directly from you (e.g. consultation forms, online forms, phone calls, emails)
Through our website cookies (see our Cookie Policy)
From third parties with your consent (e.g. referring GPs or specialists)

5. How we use your information

We use your personal data:

To provide you with consultations, treatments, and aftercare.
To manage payments, fees, and charges.
To communicate with you regarding appointments, follow-ups, and enquiries.
To comply with legal and regulatory obligations.
With your consent, to send you marketing communications.

6. Legal basis for processing

We process your data under the following legal bases:

Performance of a contract: To provide treatment and related services.
Legal obligation: For compliance with applicable laws.
Consent: For marketing communications and, where required, processing of special category data.
Legitimate interests: To manage and improve our services.

7. Sharing your information

We may share your personal data with:

Our clinical and administrative team.
Service providers acting as processors (e.g. IT systems, website hosting, payment providers).
Regulatory bodies or law enforcement if required by law.
Referring practitioners with your consent.

We do not sell your data to third parties.

8. International data transfers

If we transfer your data outside the UK, we will ensure it is protected by appropriate safeguards in compliance with UK GDPR.

9. Data security

We have put in place security measures to prevent your personal data from being accidentally lost, used, or accessed unlawfully. Access is limited to authorised personnel.

10. Data retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including legal, accounting, and regulatory requirements. Medical records are retained in line with clinical guidelines (usually at least 8 years).

11. Your rights

You have the right to:

Request access to your personal data.
Request correction of inaccurate data.
Request erasure of your data in certain circumstances.
Object to or restrict processing in certain circumstances.
Request transfer of your data to another provider.
Withdraw consent at any time where consent is relied upon.

To exercise these rights, please contact Operations Director.

12. Complaints

If you have any questions or concerns about your personal data, please contact our Data Protection Officer at info@harleyhairdx.com.

You can also lodge a complaint with the Information Commissioner’s Office (ICO) via www.ico.org.uk.

13. Changes to this policy

We may update this policy from time to time. The latest version will always be available on our website.

14. Contact us

If you have questions about this Privacy Policy, please contact:

2 Harley Street, London WIG 9PA.