Privacy Policy
Introduction
Axiom Aesthetics (“we”, “us”, “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website, book treatments, or interact with our services. We operate in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Data Controller: Axiom Aesthetics Ltd
Last Updated: February 2026
Information We Collect
We may collect and process the following categories of personal data:
- Identity Data: Full name, title, date of birth, gender
- Contact Data: Email address, telephone number, postal address
- Health Data: Medical history, allergies, skin conditions, treatment records, before and after photographs (with your explicit consent)
- Financial Data: Payment card details (processed securely via our payment provider), billing address
- Technical Data: IP address, browser type, operating system, referring URLs, pages visited, time spent on site
- Booking Data: Appointment dates, treatment preferences, consultation notes
- Communication Data: Correspondence via email, contact forms, or telephone
How We Use Your Information
We use your personal data for the following purposes:
- To provide and manage your aesthetic treatments and consultations
- To process bookings, payments, and manage your account
- To communicate appointment reminders, aftercare instructions, and follow-ups
- To maintain accurate medical records as required by law
- To send marketing communications about our services (only with your consent)
- To improve our website, services, and patient experience
- To comply with legal and regulatory obligations
- To respond to complaints and resolve disputes
Legal Basis for Processing
We process your personal data under the following legal bases as defined by the UK GDPR:
- Consent (Article 6(1)(a)): For marketing communications and processing of health data for treatments
- Contract (Article 6(1)(b)): To fulfil our obligations when you book a treatment or consultation
- Legal Obligation (Article 6(1)(c)): To comply with healthcare regulations and tax requirements
- Legitimate Interest (Article 6(1)(f)): To improve our services, maintain security, and manage our business operations
For special category data (health records), we rely on your explicit consent under Article 9(2)(a) of the UK GDPR.
Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:
- Medical records: 10 years from last treatment (in line with NHS guidelines)
- Financial records: 7 years (HMRC requirements)
- Marketing consent records: Until you withdraw consent
- Website analytics data: 26 months
- General correspondence: 3 years from last contact
Your Rights Under the GDPR
Under the UK GDPR, you have the following rights regarding your personal data:
- Right of Access: Request a copy of the personal data we hold about you
- Right to Rectification: Request correction of inaccurate or incomplete data
- Right to Erasure: Request deletion of your data (subject to legal retention requirements)
- Right to Restrict Processing: Request limitation of how we use your data
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interests or for direct marketing
- Right to Withdraw Consent: Withdraw consent at any time without affecting the lawfulness of prior processing
To exercise any of these rights, please contact us using the details below. We will respond within one calendar month.
Cookies
Our website uses cookies to enhance your browsing experience. Cookies are small text files stored on your device. We use:
- Essential Cookies: Required for the website to function properly (e.g., session management, booking system)
- Analytics Cookies: Help us understand how visitors interact with our site (Google Analytics)
- Functional Cookies: Remember your preferences and settings
You can manage your cookie preferences through your browser settings. Disabling certain cookies may affect website functionality.
Third-Party Services
We may share your data with trusted third parties who assist in our operations:
- Payment Processors: Stripe for secure payment handling (PCI DSS compliant)
- Email Services: For appointment confirmations and marketing (with consent)
- Analytics: Google Analytics for website usage data
- Cloud Storage: Secure, UK/EU-based hosting for medical records
We ensure all third-party processors have appropriate data protection agreements in place and comply with UK GDPR standards. We do not sell your personal data to any third party.
Data Security
We implement appropriate technical and organisational measures to protect your personal data, including encryption, access controls, secure servers, and regular security assessments.
Contact Information
If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:
Axiom Aesthetics
Email: [email protected]
Phone: 020 7946 0958
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
Website: ico.org.uk
Telephone: 0303 123 1113