top of page

Privacy Policy

A Legal Disclaimer

Last updated: 15/04/26

At Rachel Kidd, we are committed to protecting your privacy and handling your personal information in a transparent and secure way.

This Privacy Policy explains how we collect, use, store and share your personal information when you:
 

  • visit rachelkidd.co.uk

  • contact us through the website, by email, phone or social media

  • sign up to receive newsletters or marketing updates

  • click through to our external booking portal

  • enquire about or receive services from Rachel Kidd at Clinic 59
     

1. Who we are

Rachel Kidd provides aesthetic and skincare services from Clinic 59.

For the purposes of data protection law, the data controller is:
Rachel Kidd
Clinic 59, 59 Townhill Road, Dunfermline, KY12 0JF
Email: rachel@clinic59.co.uk

If you have any questions about this Privacy Policy or how your personal data is handled, please contact us using the details above.

2. What personal information we collect

We may collect, use and store the following types of personal information:

Information you provide directly
 

  • your name

  • email address

  • phone number

  • any information you include in a contact form, enquiry or message

  • marketing preferences and permissions

  • any other information you choose to provide when contacting us
     

Newsletter and marketing data

If you sign up to receive marketing communications, we may collect:

  • your name

  • your email address

  • your consent preferences

  • records of when and how you opted in

  • engagement information such as whether emails are opened or links are clicked, where this is tracked by the email platform
     

Website usage and technical data

When you use the website, we may automatically collect:

  • IP address

  • browser type and version

  • device type

  • operating system

  • pages visited

  • referral source

  • date and time of access

  • cookie and analytics data
     

Patient and treatment-related data

If you become a client, we may also process information relevant to consultation, treatment and aftercare. This may include:

  • contact details

  • appointment history

  • consultation details

  • medical history

  • allergies

  • medications

  • contraindications

  • consent forms

  • treatment notes

  • before-and-after or clinical photographs

  • payment and transaction records
     

3. How we collect your information

We collect personal information:

  • directly from you when you complete a website form, sign up to our newsletter, contact us or otherwise communicate with us

  • automatically when you browse our website, through cookies and similar technologies where used

  • through external systems used to manage appointments, records, payments and patient communications

  • during consultation, treatment and aftercare where you become a client
     

4. External booking portal

Appointments are booked through a separate external booking portal, Aesthetic Nurse Software, which is linked from this website.

This means that:

  • when you click the booking link, you may leave rachelkidd.co.uk and move to a separate platform

  • personal information submitted during booking may be collected and processed through Aesthetic Nurse Software rather than directly through this website

  • that external platform may have its own privacy and cookie information
     

This Privacy Policy applies to rachelkidd.co.uk and Rachel Kidd’s handling of personal data. It does not replace the privacy information provided by third-party platforms when you use them.

5. How we use your information

We may use your personal information to:

  • respond to enquiries and messages

  • provide information about our services

  • manage newsletter subscriptions and marketing preferences

  • send newsletters, updates, offers or promotional emails where you have consented

  • improve our website, services and client experience

  • monitor website usage and performance

  • manage appointments, consultations and treatments

  • maintain accurate treatment and patient records

  • send appointment reminders and service communications

  • process payments and keep financial records

  • comply with legal, regulatory, insurance and professional obligations

  • establish, exercise or defend legal claims
     

6. Lawful basis for processing

Depending on the circumstances, we may rely on one or more of the following lawful bases:

Contract
Where processing is necessary to take steps at your request before entering into a contract, or to provide services to you.

Legal obligation
Where we need to process personal data to comply with legal, regulatory, tax, insurance or professional obligations.

Legitimate interests
Where processing is necessary for the legitimate interests of the business and those interests are not overridden by your rights and freedoms.

Consent
Where we rely on your consent, for example:

  • sending newsletter or promotional emails

  • using non-essential cookies

  • using identifiable treatment photos for marketing, where applicable
     

7. Health information and other special category data

If you become a client, we may need to process health-related information such as medical history, contraindications, allergies, medications and treatment suitability details.
This is special category data. We only process it where this is lawful, necessary and appropriately protected, including where it is needed in connection with the provision of care or treatment and the management of treatment records.

8. Photographs and treatment images

If photographs are taken as part of your consultation, treatment planning, progress tracking or clinical record, they may be stored as part of your treatment file.

We will not use identifiable photographs for marketing or promotional purposes unless we have an appropriate lawful basis to do so, which will usually be your consent.

9. Newsletter and marketing communications

If you sign up to our newsletter or marketing list, we may use your name and email address to send you:

  • service updates

  • clinic news

  • offers or promotions

  • treatment-related updates

  • other marketing communications relating to Rachel Kidd’s services
     

We will only send electronic marketing communications where you have given your consent, unless another lawful exemption applies.

You can unsubscribe or withdraw your consent at any time by:

  • clicking the unsubscribe link in any marketing email

  • contacting us directly using the contact details in this policy
     

We may keep a suppression record of your details to ensure we do not continue sending marketing after you opt out.

10. Who we share your information with

We may share personal information where necessary with:

  • website hosting providers

  • website developers or IT support providers

  • analytics and website service providers

  • email marketing platform providers

  • booking and clinic management software providers, including Aesthetic Nurse Software

  • payment providers

  • insurers, accountants, legal advisers or other professional advisers

  • regulators, courts, law enforcement or public authorities where required

  • other healthcare professionals or service providers where relevant to your care and lawful to do so
     

We require service providers acting on our behalf to handle personal data appropriately and only for authorised purposes.

11. International transfers

Some of our third-party providers may process personal data outside the UK.
Where this happens, we will take reasonable steps to ensure that personal data is protected and that appropriate safeguards are in place, in line with applicable data protection law.

12. Cookies and similar technologies

Our website may use cookies and similar technologies to:

  • enable core website functionality

  • understand how visitors use the website

  • improve website performance

  • support analytics and marketing activity where applicable
     

Where non-essential cookies are used, such as analytics or marketing cookies, we will seek your consent through an appropriate cookie banner or consent mechanism.
You can also manage cookies through your browser settings.

13. How long we keep your information

We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, regulatory, insurance, accounting, clinical and professional requirements.

Retention periods may vary depending on the type of information:

  • website enquiries may be kept for a reasonable period to deal with follow-up and administration

  • marketing records may be kept while consent remains valid or until you unsubscribe

  • financial records may be kept for statutory accounting and tax purposes

  • treatment and patient records may be retained in line with professional, legal and business record-keeping obligations
     

14. Data security

We take appropriate technical and organisational measures to help protect personal data against unauthorised or unlawful access, loss, destruction, misuse or alteration.

These measures may include:

  • password protection

  • secure systems and software

  • restricted access to records

  • secure storage of treatment information

  • use of reputable third-party providers

  • staff or practitioner confidentiality obligations where applicable
     

15. Your rights

Under data protection law, you may have the right to:

  • request access to your personal data

  • request correction of inaccurate or incomplete data

  • request erasure of your data in certain circumstances

  • request restriction of processing

  • object to certain processing

  • withdraw consent where we rely on consent

  • request portability of certain data where applicable

  • complain to the Information Commissioner’s Office
     

16. Complaints

If you have concerns about how we use your personal data, please contact us first and we will try to resolve the issue.

You also have the right to make a complaint to the Information Commissioner’s Office (ICO).

17. Third-party websites

Our website may contain links to third-party websites, platforms or social media pages, including our booking portal.

If you follow a link to another website or platform, that site will have its own privacy and cookie information. We are not responsible for the privacy practices of third-party websites or services.

18. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to the law, our services, or the way we handle personal data.

The latest version will always be posted on this website with the updated date shown at the top.

bottom of page