Treatments Lashes Aesthetics Blood Services Gallery Pricing About Contact 🇵🇱 Wersja polska Book Now

Legal

Privacy Policy

Last updated: 1 January 2026

J&A Skin Woking ("J&A", "we", "us" or "our") is committed to protecting your privacy. This policy explains what personal information we collect, how we use it, and the choices and rights you have, in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Information We Collect

We collect information you give us directly, information gathered automatically when you use our website, and information generated through your treatments and appointments with us.

  • Contact details — name, email address, phone number and postal address, provided when you book an appointment, complete our contact form, or sign up for updates.
  • Booking information — appointment history, treatment preferences and clinic notes.
  • Health information — medical history, allergies, medications and consultation notes relevant to your treatment (see Section 3).
  • Payment information — processed securely by our payment providers; we do not store full card details.
  • Technical information — IP address, browser type, device information and pages visited, collected via cookies and similar technologies.

2. How We Use Your Information

We use your personal information to:

  • Book, manage and remind you of appointments
  • Deliver safe, appropriate treatments and aftercare
  • Process payments and maintain accurate records
  • Respond to enquiries sent through our contact form
  • Send appointment confirmations, aftercare guidance and, where you've agreed, marketing updates
  • Improve our website, services and clinic operations
  • Meet our legal, regulatory and insurance obligations

Our lawful bases for processing include performance of a contract (booking and delivering treatments), consent (marketing communications), and legitimate interests (improving our services and keeping accurate clinical records).

3. Medical & Health Information

As a clinic offering aesthetic, skincare and blood testing services, we may collect special category data — including health information — during your consultation. This data is used solely to assess suitability for treatment, deliver care safely, and maintain clinical records as required by our regulatory bodies.

Health information is stored securely, accessed only by clinicians directly involved in your care, and retained in line with our clinical record-keeping obligations. We will always ask for your explicit consent before collecting this information.

4. Cookies

Our website uses cookies and similar technologies to remember your preferences, understand how visitors use our site, and support booking functionality. You can control or disable cookies through your browser settings, though some parts of the site may not function as intended if you do so.

5. Sharing Your Information

We do not sell your personal information. We may share it with:

  • Trusted third parties who support our operations, such as booking software providers, payment processors and laboratory partners for blood testing services
  • Regulatory or professional bodies, where required by law or for insurance purposes
  • Other healthcare professionals, only with your consent or where necessary for your care

Any third party we work with is required to handle your information securely and in line with applicable data protection law.

6. Data Retention

We retain personal and clinical information for as long as necessary to provide our services, meet legal and regulatory record-keeping requirements, and resolve any disputes. Clinical records are typically retained for a minimum period set by our professional and insurance bodies, after which they are securely deleted or anonymised.

7. Your Rights

Under UK GDPR, you have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your information, where applicable
  • Object to or restrict certain processing
  • Withdraw consent to marketing at any time
  • Request a copy of your data in a portable format

To exercise any of these rights, please contact us using the details below. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

8. Data Security

We use appropriate technical and organisational measures to protect your personal information against unauthorised access, loss, or misuse, including secure storage systems, restricted access to clinical records, and encrypted transmission of payment data.

9. Children's Privacy

Our services are intended for adults. We do not knowingly collect personal information from anyone under the age of 16 without the consent of a parent or guardian.

10. Changes to This Policy

We may update this policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page with a revised "last updated" date.

11. Contact Us

If you have any questions about this policy or how we handle your personal information, please get in touch:

Fully Insured Medically Supervised Sterile, Single-Use Equipment 5★ Google Reviewed