Book Now

Privacy Policy

Last updated: [21.09.2025]

D-FINERY CLINIC (“we,” “our,” “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data Controller

The data controller is DFINERY CLINIC LTD, registered in the United Kingdom with business address at:

📍 13 Trematon Building, 1 Trematon Walk, London, Greater London, England, N1 9FN

📧 juda@d-finery.com

2. Information We Collect

  • Identity & Contact Data: Name, email, phone number, billing/delivery address.
  • Appointment Data: Health or treatment-related information you provide when booking.
  • Transaction Data: Purchase history, order details, payment method (we do not store card details).
  • Technical Data: IP address, browser type, device identifiers, cookies, analytics data.

3. How We Use Your Data

We process your personal data for:

  • Managing and confirming appointments.
  • Providing treatments safely and effectively.
  • Processing and delivering online shop orders.
  • Responding to your queries or complaints.
  • Complying with legal obligations (e.g., health & safety, taxation).
  • Improving our website and customer experience.

4. Legal Basis for Processing

We rely on the following lawful bases under UK GDPR:

  • Contract – to provide you with services or products you requested.
  • Consent – for sending marketing emails or newsletters (you may withdraw at any time).
  • Legal obligation – to comply with regulatory or tax requirements.
  • Legitimate interest – to improve services and protect against fraud.

5. Sharing of Data

We only share your data with:

  • Payment providers (Stripe, PayPal, etc.).
  • Delivery and logistics companies.
  • IT and website hosting providers.
  • Regulators, if legally required. We never sell or rent your data to third parties.

6. International Transfers

If data is transferred outside the UK (e.g., via service providers), we ensure appropriate safeguards (UK adequacy decisions or Standard Contractual Clauses).

7. Data Retention

We keep your data only as long as necessary:

  • Appointment/medical records – minimum 7 years (as required by UK healthcare regulations).
  • Transaction records – 6 years (for tax purposes).
  • Marketing data – until you withdraw consent.

8. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data.
  • Request correction or deletion.
  • Restrict or object to processing.
  • Request data portability.
  • Withdraw consent at any time. To exercise these rights, contact us at [Insert email].

9. Cookies

Our website uses cookies for functionality, analytics, and advertising. You can manage cookie preferences in your browser settings.

10. Security

We use encryption, secure servers, and restricted access to protect your data.

11. Complaints

If you are unhappy with how we handle your data, you can contact the Information Commissioner’s Office (ICO): https://ico.org.uk.