All personal data we collect is used and processed in accordance with UK and EU data protection laws and has been updated following the implementation of the General Data Protection Regulation (GDPR) on the 25 May 2018. London Tattoo Clinic Limited are registered with the Information Commissioner’s Office (ICO), certificate reference: ZA503728.
We are a Data Controller
London Tattoo Clinic is the “data controller” of all personal information that is collected and used in relation to London Tattoo Clinic and our website, www.londontattooclinic.co.uk.
What personal data we collect?
Personal data means any information relating to you which allows you to be identified, such as your name, contact details, medical information, payment details and information about your access to our website. We may collect personal data from you when you arrange a consultation with us, use our website or other administration portals and websites accessible through our website, or when you contact us. Typically, we may collect the following categories of information:
- Name, address, DOB, medical history (where applicable), e-mail address, telephone number, payment details;
- Information about your use of our treatments/services;
- Information about your use of our website;
- The communications you exchange with us or direct to us via letters, emails, calls, and social media.
We will process such data only if you have given your explicit consent and when it is entirely necessary in order to deliver the treatments/services that you have instructed us to provide.
How do we use your data?
Your data may be used for the following purposes:
- To enable us to provide the treatments/services you request: we use the information you give us to enable us to deliver the treatments/services you have asked for;
- To enable us to contact you; we send you communications about the appointments, treatments and services you have asked for and any changes to such treatments and services. These communications are not made for marketing purposes and cannot be opted-out of;
- To be able to charge you and to receive payment. We use your payment information for accounting, billing and audit purposes and to detect and/or prevent any fraudulent activities;
- Administrative or legal purposes: we use your data for statistical and marketing analysis, systems testing, customer surveys, maintenance and development, or in order to address and resolve a complaint or dispute. Note that we may perform data profiling based on the data we collect from you for statistical and marketing analysis purposes.
- Customer services We use your data to manage our relationship with you as our customer and to improve our treatments/services and enhance your experience with us;
- To provide a bespoke, tailored service. We may use your data to provide information to you that we believe is of interest to you, prior to, during, and after your treatments with us.
- Marketing: from time to time we will contact you with information regarding our treatments, promotions or changes to our services. You will have the choice to opt in or opt out of receiving such communications from London Tattoo Clinic. You will also be given the opportunity on email communication that we send you to indicate that you no longer wish to receive our direct marketing material.
We will only process your personal data where we have a legal basis to do so. The legal basis will depend on the reasons we have collected and need to use your personal data for.
We may also process your personal data for one or more of the following:
- To comply with a legal obligation;
- You have consented to us using your personal data (e.g. for marketing related uses);
- To protect your vital interests or those of another person;
- If it is essential to enable us to operate our business and to deliver, and receive payment for, the services that you have instructed us to provide.
We will not retain your data for longer than is necessary. To determine the appropriate retention period, we consider the nature and sensitivity of the personal data and the purposes for which we process it.
Please note that we may need to retain personal data in order to meet our legal obligations, or to deal with complaints, queries and to protect our legal rights in the event of a claim being made. When we no longer need your personal data, we will securely delete or destroy it.
How secure is the data we hold?
We follow strict security procedures in the storage and disclosure of your personal data. The data you provide to us is protected using SSL (Secure Socket Layer) technology. SSL is the industry standard method of encrypting personal information and payment details so that they can be securely transferred over the Internet.
How might we share of your data?
- Government authorities, law enforcement bodies, and regulators in compliance with legal requirements;
- Our partners, our staff and other healthcare consultants required to deliver the treatments/services you have asked for;
- Trusted companies that we are using to run our business such as cloud service and e-mail marketing service providers assisting our marketing team with running customer surveys and other such campaigns;
- Credit and debit card companies which facilitate your payments to us, and anti-fraud screening, which may need information about your method of payment and treatment charges to process payment or ensure the security of your payment transaction;
- Our accountants, auditors and other professional advisers, law courts and law enforcement bodies in all countries we operate in in order to enforce our legal rights in relation to our contract with you;
Website cookies and tracking
For more information about cookies please visit: www.allaboutcookies.org.
The Information Commissioner
You have the right to make a complaint at any time to a supervisory authority. The Information Commissioner is the lead data protection supervisory authority for London Tattoo Clinic Limited as a UK-based data controller. Our ‘Certificate of Registration’ reference is: ZA503728.
For further information about the Information Commissioner’s Office please visit www.ico.org.uk
Your data protection rights
If you have any concerns about what information we store or how we use your data then please contact us directly. Your data protection rights allow you to:
- Request information about whether we hold personal information about you, and, if so, what that information is and why we are holding/using it.
- Request access to your personal information and receive a copy of the personal information we hold about you.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Withdraw consent. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) you originally agreed to unless legally required to do so.
If you wish to exercise any of your rights, contact us in the first instance by writing to us at:
Data Protection Request
London Tattoo Clinic
1 Dunraven House
230 Kew Road
What does it cost to access your personal information?
Normally you will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we reserve the right to charge you a fee if we have any reason to believe that a request for access is unreasonable or if we believe the request to be excessive. Alternatively, we may seek legal direction before refusing to comply with the request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.