top of page

Privacy Policy

Last updated January 2026

This Privacy Policy explains how Zassy Aesthetics (“we”, “us” or “our”) collects, uses, stores and protects your personal data when you interact with us, including when you visit our website, make a booking, attend an appointment, contact us, or engage with our marketing.

Zassy Aesthetics is the data controller for the purposes of the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us using the details set out at the end of this policy.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements or how we operate our business. Any updates will be published on our website and will take effect from the date shown above. We recommend reviewing this policy periodically.

What Personal Data We Collect

We collect personal data that is necessary to provide our services safely, professionally and lawfully. This may include:

  • Your name, email address and telephone number

  • Booking and appointment details

  • Medical information relevant to your treatment, including allergies, skin conditions, medications and pregnancy status

  • Patch test results and consultation records

  • Photographs taken for treatment records or marketing purposes (with consent)

  • Communications between you and us, including emails, messages and enquiries

  • Website usage data, including cookies and analytics data

How We Collect Your Personal Data

We collect personal data directly from you when you:

  • Make a booking or enquiry

  • Complete a consultation or medical questionnaire

  • Attend an appointment

  • Contact us via email, phone, social media or our website

  • Subscribe to our marketing communications

  • Interact with our website, including through cookies

Lawful Basis for Processing

We process your personal data under one or more of the following lawful bases:

  • Performance of a contract, where processing is necessary to provide your booked treatment

  • Legal obligation, where we are required to retain records for regulatory, insurance or legal reasons

  • Legitimate interests, to manage and improve our business and client experience

  • Consent, where you have given clear permission, such as for marketing communications or use of images

You may withdraw your consent at any time where consent is the lawful basis for processing.

Medical and Special Category

Certain information we collect, such as medical history and skin conditions, is classed as special category data under UK GDPR. This information is collected solely to ensure your safety and suitability for treatment and is processed in accordance with strict confidentiality and legal safeguards.

Cookies and Website Analytics

Our website uses cookies and similar technologies to improve functionality and understand how visitors use our site. Cookies may collect information such as your IP address, browser type and pages visited. You can manage or disable cookies through your browser settings. For more information, please refer to our Cookie Policy.

Sharing Your Personal Data

We do not sell your personal data. We may share your information with trusted third parties only where necessary, including:

  • Booking and payment service providers

  • Website hosting and IT service providers

  • Accountants, insurers or professional advisers

  • Regulatory or law enforcement authorities where legally required

All third parties are required to process your data securely and in accordance with data protection laws.

Your Data Protection Rights

You have the right to:

  • Access the personal data we hold about you

  • Request correction of inaccurate or incomplete data

  • Request erasure of your personal data (in certain circumstances)

  • Object to or restrict processing of your data

  • Withdraw consent at any time where consent is relied upon

  • Request data portability where applicable

To exercise any of these rights, please contact us using the details below. We may request proof of identity before processing your request.

Complaints

If you are unhappy with how we have handled your personal data, please contact us first so we can address your concerns. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.

Contact Details

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact:

Zassy Aesthetics
Email: info@zassyaesthethics.com

bottom of page