- Who We Are
D’Arcy-Hall Skin Studio
The Studio, Greenacres, Church Lane, Mottistone, PO30 4ED
We act as the data controller for the personal information we collect.
2. What Information We Collect
We collect personal data both in-person and through our website and online booking system:
Personal & Contact Information
- Name, date of birth, phone number, email address, postal address
Medical & Treatment Information
- Medical history, current medications, allergies, treatment plans, before/after photos (with consent)
Online Booking Data
- Appointment details (date/time, service requested)
- Notes or messages you submit with your booking
- IP address, browser type, and device info (automatically collected)
Financial Information
- Payment method details (handled securely via third-party processors; we do not store card details)
Website Usage Data
- Cookies and analytics (Google Analytics, Meta Pixel, etc.)
- Browsing patterns and usage data on our site
3. How We Use Your Information
We use your personal data to:
- Schedule and manage appointments
- Deliver treatments safely and effectively
- Respond to queries or follow-up after consultations
- Send appointment reminders and confirmations via SMS or email
- Process payments and manage invoices
- Comply with legal and clinical obligations
- Improve our services and website performance
- With your consent, use anonymised images or testimonials for marketing
4. Our Legal Bases for Processing Data
Under UK GDPR, we rely on the following lawful bases:
- Consent – For marketing communications, use of photos, cookies (where applicable)
- Contract – To provide and manage treatments and appointments
- Legal obligation – For regulatory and record-keeping requirements
- Vital interests – For medical safety
- Legitimate interests – To run and improve our business (provided your rights are not overridden)
5. Sharing Your Data
We will never sell your data. We may share it with:
- Licensed practitioners within our clinic
- Third-party providers (e.g., booking platforms, secure email/SMS, cloud hosting, payment processors)
- Legal or regulatory authorities if required by law
All third parties must comply with strict confidentiality and data protection agreements.
6.How We Store & Protect Your Data
We implement strong technical and organisational safeguards, including:
- Encrypted booking and medical systems
- Secure website hosting with SSL
- Password-protected files and limited access for staff
- Regular backups and software updates
We only retain data as long as necessary to fulfil our services and comply with legal obligations. Medical records are typically held for 8 years.
7.Your Rights Under UK GDPR
You have the right to:
- Access your personal data
- Correct inaccurate or incomplete data
- Request deletion (where appropriate)
- Object to or restrict processing
- Withdraw consent at any time
- File a complaint with the Information Commissioner’s Office (ICO)
To make a data request, email us at: studio@darcy-hall.co.uk
8. Cookies & Website Analytics
We use cookies and tracking tools on our website to:
- Monitor traffic and performance (e.g., via Google Analytics)
- Enable online bookings and contact forms
- Improve your website experience
You can disable cookies in your browser settings or via our cookie banner when you visit the site.
9. Marketing & Photo Use
We may use anonymised client testimonials, reviews, or before/after photos for educational or promotional purposes. You can withdraw this consent at any time.
10. Updates to This Policy
We may update this Privacy Policy periodically. The latest version will always be posted on our website, with a revised May 2028.
11. Contact Details
If you have any questions or concerns about this Privacy Policy or your data rights, please contact:
D’Arcy-Hall Skin Studio
Greenacres, Church Lane, Mottistone, PO30 4ED.
studio@darcy-hall.co.uk
If you’re unsatisfied with our response, you may contact the ICO:
www.ico.org.uk | 0303 123 1113