The clinic is open Welcome back

Svelte Body Clinic
Home
COVID-19
BOOK NOW
Contact us
Treatments
Technologies
Laser Treatments
Store
Reviews
Svelte Body Clinic
Home
COVID-19
BOOK NOW
Contact us
Treatments
Technologies
Laser Treatments
Store
Reviews
More
  • Home
  • COVID-19
  • BOOK NOW
  • Contact us
  • Treatments
  • Technologies
  • Laser Treatments
  • Store
  • Reviews
  • Sign In
  • Create Account
  • Bookings
  • Orders
  • My Account

  • Signed in as:

  • filler@godaddy.com

  • Bookings
  • Orders
  • My Account

  • Sign out

Signed in as:

filler@godaddy.com

  • Home
  • COVID-19
  • BOOK NOW
  • Contact us
  • Treatments
  • Technologies
  • Laser Treatments
  • Store
  • Reviews

Account

  • Bookings
  • Orders
  • My Account

  • Sign out

  • Sign In
  • Bookings
  • Orders
  • My Account

Privacy Policy

Svelte Body Clinic 

Privacy and GDPR Notice

This Privacy and GDPR Notice explains how Svelte Body Clinic uses any personal information we collect about you when you use this website, purchase/utilise any SVELTE BODY CLINIC  products and services and communicate with SVELTE BODY CLINIC . 

This notice covers the following areas:-

1. Who we are and our Data Protection Officer 

2. Personal data we collect about you: i. Categories of data we collect ii. Sensitive personal data 

3. How and why we use your personal data 

4. What the legal grounds for the processing of patient/client personal information are (including when we share it with others, confidentiality and consent) 

5. What should patient/client do if their personal information changes 

6. How long a patient/client’s personal information is retained by us 

7. Patient/client’s rights under data protection laws 

8. Requesting access to your personal data 

9. Security of your personal data 

10. Cookies 

11. Updates to our Privacy Notice

12. How to contact us 

  1. Who we are and our Data Protection Officer

Our Privacy Notice applies to the personal data that Svelte Body Clinic collects and uses. Svelte Body Clinic is known as the ‘Controller’ of the personal data provide to them. They collect basic personal data about patient/clients which does not include any special types of information or location-based information. This does however include name, address, DOB and contact details such as email and mobile number, etc. Svelte Body Clinic also collect sensitive confidential data known as “special category personal data”, in the form of health information, religious belief (if required in a healthcare setting), ethnicity and gender during the services they provide to patient/clients and/or linked to the healthcare through other health providers or third parties. The clinic manager  is the Data Protection Officer (DPO) for Svelte Body Clinic, which means that he will ultimately determine for what purposes personal information is held and what it will be used for. He is also responsible for notifying the Information Commissioner of the data we hold or are likely to hold, and the general purposes of what that data will be used for. Svelte Body Clinic has appointed, Clinical Manager, as the person with responsibility for data protection compliance. He can be contacted at INFO@SVELTEBODYCLINIC.co.uk. Questions about this policy, or requests for further information, should be directed to him.

  1. Personal data we collect about you. 

When using the term “personal data” in our Privacy and GDPR Notice, we mean information that relates to you and allows us to identify you, either directly or in combination with other information that we may hold. Your personal data may include e.g. your name, your contact details, company, information relating to your health or information on how you use our website or interact with us. We collect some personal data from you, e.g. when you order products/services, use our website, use our services or contact us. 

  1. Categories of data we collect 

We may collect and process the following information about you: 

  • Your name, surname and your contact details (email address, telephone number(s), postal address, Company) 

•    Information about your transaction, including your payment card details 

•    When you purchase products or services from Svelte Body Clinic 

  • When you register on our website using client-specific portals, when you take part in our competitions or when you choose an offer we make available on our website
  • Information about your bookings, if you require special assistance or if you have specific requirements
  • Information about your health, if you have a medical condition that you make us aware of when booking a service/appointment for Svelte Body Clinic, etc (please see section “Sensitive personal data” below for more information) 
  • The communications you exchange with us (e.g. your emails, letters or calls) 
  • When you contact Svelte Body Clinic or you are contacted by Svelte Body Clinic 
  • Your posts and messages on social media directed to Svelte Body Clinic • When you interact with us on social media 
  • Your feedback 
  • When you reply to our requests for feedback or participate in our customer surveys 
    1. Sensitive personal data

In the course of providing services to you, we may collect information that could reveal your racial or ethnic origin, physical or mental health, religious beliefs or alleged commission or conviction of criminal offences. Such information is considered “sensitive personal data” under the General Data Protection Regulation. We only collect this information where you have given your explicit consent, it is necessary or you have deliberately made it public. For example, we may collect this information in the following circumstances: 

  • For your safety, when you have a specific medical condition which may impact on your ability to take up services from Svelte Body Clinic. 
  • If you request special assistance when attending Svelte Body Clinic, this could reveal information about your health 

By providing any sensitive personal data you explicitly agree that we may collect and use it in order to provide our services and in accordance with this Privacy Notice. If you do not allow us to process any sensitive personal data, this may mean we are unable to provide all or parts of the services you have requested from us. 

  1. How and why we use your personal data.

The data will be processed by the staff at Svelte Body Clinic in accordance with the type of product or service required. Data collected for other reasons detailed above will be only that which is required to meet the purpose and processed by the appropriate person within Svelte Body Clinic. Svelte Body Clinic will not share your information for marketing purposes with any companies outside the business. 

We use your personal data for the following purposes: 

  1. Processing of orders of services 

•  Svelte Body Clinic requires personal data for contractual purposes to provide the product or service ordered 

  • Patient/clients using PayPal to pay for products and services will be directed to their website and financial data collected by PayPal is subject to their Privacy Policy/Notice

  1. The health care professionals at Svelte Body Clinic who provide the patient care maintain records about the patient/client health and any treatment or care received previously (e.g. NHS Trust, GP Surgery, Walk-in clinic, etc.). These records help to provide the patient/client with the best possible healthcare. NHS health records may be electronic, on paper or a mixture of both, and Svelte Body Clinic use a combination of working practices and technology to ensure that patient/client information is kept confidential and secure. Records which the clinic hold about patient/clients may include the following information: 

•   Details about them, e.g. address, carer, legal representative, emergency contact details 

•   Any contact the clinic has had with the patient/client, e.g. appointments, clinic visits, etc. 

  • Notes and reports about the patient/client’s health • Details about the treatment and care 
  • Results of investigations such as laboratory tests, etc 
  • Relevant information from other health professionals, relatives or those who care for the patient/client. To ensure that they receive the best possible care, the patient/client records are used to facilitate the care they receive. Information held about a patient/client may be used to help protect the health of the public. Information may be used within the clinic for clinical audit to monitor the quality of the service provided. 

  1. To communicate with you and manage our relationship with you. 

  • Occasionally we may need to contact you by email and/or SMS and/or Whatsapp and/or social media for administrative or operational reasons, e.g. in order to send you confirmation of your bookings and your payments, to inform you about changes to any services 
  • We will also use your personal data if we contact you after you have sent us an enquiry, filled in a web-form through our website or contacted us 
  • We will use the communications you exchange with us and the feedback you may provide in order to manage our relationship with you as our customer and to improve our services and experiences for customers 

  1. To personalise and improve your customer experience 

  • We may use your personal data in order to tailor our services 
  • We may also collect information on how you use our website, which pages of our website you visit most and what products/services you buy. 
  • We may use your information collected from the website to personalise your repeat visits to our website. The business purposes for which we will use your information include accounting, billing and audit, credit or other payment card verification, statistical and marketing analysis 

e.   To comply with our legal obligations 

  1. What the legal grounds for the processing of patient/client personal information are (including when we share it with others)

Svelte Body Clinic needs to know a patient/client’s personal, sensitive and confidential data in order to provide the healthcare services as a clinic, under the General Data Protection Regulation we will be lawfully using your information in accordance with: 

Article 6, e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;” 

Article 9, (h) processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems. 

The privacy notice applies to the personal data of the patient/clients at Svelte Body Clinic and the data that patient/clients have given the clinic about their carers/family members. 

  1. Safeguarding Svelte Body Clinic is dedicated to ensuring that the principles and duties of safeguarding adults and children are holistically, consistently and conscientiously applied with the wellbeing of all, at the heart of what they do. 
  2. The legal basis for processing the General Data Protection Regulation (GDPR) purposes is: 

Article 6(1)(e) ‘…exercise of official authority…’. For the processing of special categories data, the basis is: - Article 9(2)(b) – ‘processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment and social security and social protection law…’ 

iii. Categories of personal data 

The data collected by clinic staff in the event of a safeguarding situation will be as much personal information as is necessary or possible to obtain in order to handle the situation. In addition to some basic demographic and contact details, Svelte Body Clinic will also process details of what the safeguarding concern is. This is likely to be special category information (such as health information). 

iv. Sources of the data Svelte Body Clinic will either receive or collect information when someone contacts the organisation with safeguarding concerns or if Svelte Body Clinic believes there may be safeguarding concerns and make enquiries to relevant providers. 

v. Recipients of personal data The information is used by Svelte Body Clinic when handling a safeguarding incident or concern. The clinic may share information accordingly to ensure duty of care and investigation as required with other partners such as local authorities, the police or healthcare professionals (i.e. their GP or mental health team). 

b. Maintaining confidentiality of patient/client records Svelte Body Clinic are committed to protecting patient/client privacy and will only use information collected lawfully in accordance with: 

• Data Protection Act 2018 

• The General Data Protection Regulations 2016 

• Human Rights Act 1998 

• Common Law Duty of Confidentiality 

• Health and Social Care Act 2012 

• NHS Codes of Confidentiality, Information Security and Records Management 

• Information: To Share or Not to Share Review 

  1. Every member of staff at Svelte Body Clinic has a legal obligation to keep information about patient/clients confidential. Svelte Body Clinic will only ever use or pass on information about patient/clients if others involved in their care have a genuine need for it. Svelte Body Clinic will not disclose information to any third party without permission from a patient/client unless there are exceptional circumstances (i.e. life or death situations), where the law requires information to be passed on and/or in accordance with the information sharing principle following Dame Fiona Caldicott’s information sharing review (Information to share or not to share) where “The duty to share information can be as important as the duty to protect patient confidentiality.” This means that health and social care professionals should have the confidence to share information in the best interests of their patients within the framework set out by the Caldicott principles. 
  2. Svelte Body Clinic policy is to respect the privacy of our patient/clients, their families and our staff and to maintain compliance with the General Data Protection Regulations (GDPR) and all UK specific Data Protection Requirements. This policy is to ensure all personal data related to our patients will be protected. 
  3. All employees and sub-contractors engaged by Svelte Body Clinic are asked to sign a confidentiality agreement. 
  4. In certain circumstances a patient/client may have the right to withdraw their consent to the processing of data. They should be advised to contact the Data Protection Officer in writing if they wish to withdraw their consent (see section 7. c). In some circumstances Svelte Body Clinic may need to store patient/client data after the consent has been withdrawn to comply with a legislative requirement. 
  5. Some patient/client data will be held centrally and used for statistical purposes. Where this is done, Svelte Body Clinic take strict measures to ensure that individual patient/clients cannot be identified. Sometimes the information may be requested to be used for research purposes – the clinic will always gain patient/client consent before releasing the information for this purpose in an identifiable format. In some circumstances you can opt-out of the clinic sharing any of your information for research purposes (see section 12). 
  6. Consent for further information Svelte Body Clinic would however like to use a patient/client’s name, contact details and email address to inform a patient/client of services that may benefit them, with their consent only. At any stage where Svelte Body Clinic would like to use patient/client data for anything other than the specified purposes and where there is no lawful requirement for the clinic to share or process the data, Svelte Body Clinic will ensure that patient/clients have the ability to consent and opt-out prior to any data processing taking place. This information is not shared with third parties or used for any marketing and you can unsubscribe at any time via phone, email or by informing the Svelte Body Clinic Data Protection Officer. 

d. Sharing your personal data Svelte Body Clinic will not share your information for marketing purposes with any other company. 

  • Patient/clients paying via telephone will be required to provide details to Svelte Body Clinic, to allow payment to be processed. Payments are processed through PayPal and patient/clients should refer to their privacy policy/notice regarding the processing of personal data. Svelte Body Clinic will only use the data for making patient/client bookings so no card details are stored 
  • In addition to the parties listed above, we may disclose your personal data when this is required by the law of any jurisdiction to which Svelte Body Clinic may be subject 
  • Through our website we provide links to third party websites, when you link to other websites you should read their own privacy policies/notices. Please be aware that this Privacy Notice does not apply to such websites and Svelte Body Clinic is not responsible for your information that third parties may collect through these websites 

e.  Where electronic information is stored

All the personal data that Svelte Body Clinic process is processed by our staff and held in the UK. No third parties have access to patient/client personal data unless the law allows them to do so and appropriate safeguards have been put in place. Svelte Body Clinic has a Data Protection regime in place to oversee the effective and secure processing of patient/client personal and or special category (sensitive, confidential) data. 

f.   Computer System

Svelte Body Clinic operates a clinical computer system on which staff record your payment, patient and private information via a secure network system. Please note, our systems are backed up virtually via a secure private IT company at regular points through our working week, as well as manually stored securely at our premises at SVELTE BODY CLINIC  HQ. Svelte Body Clinic consider patient consent as being the key factor in dealing with patient/client health information.

g. Shared Care Records Svelte Body Clinic will not share patient/client information to other systems. 

h. Sharing patient/client information without consent Svelte Body Clinic will normally ask patient/clients for their consent, but there are times when it may be required by law to share patient/client information without their consent, e.g. 

  • where there is a serious risk of harm or abuse to the patient/client or other people;
  • where a serious crime, e.g. assault, is being investigated or where it could be prevented; 
  • notification of new births; 
  • where Svelte Body Clinic encounter infectious diseases that may endanger the safety of others, e.g. meningitis or measles (but not HIV/AIDS); 
  • where a formal court order has been issued; 
  • where there is a legal requirement, e.g. if a patient/client had committed a Road Traffic Offence 

5.     What should a patient/client do if their personal information changes

Patient/clients should inform Svelte Body Clinic of any changes to personal information if they return for any treatment so that the clinic can update their records. They would be advised to email info@SvelteBodyClinic.co.uk as soon as any of your details change. Especially important are changes of address or contact details (e.g. mobile phone number or email address), therefore Svelte Body Clinic will, from time to time, ask patient/clients to confirm that the information currently held is accurate and up-to-date. 

6.   How long a patient/client’s personal information is retained by us 

Svelte Body Clinic are required under UK law to keep patient/client information and data for the full retention periods as specified by the NHS Records management code of practice for health and social care and national archives requirements. More information on records retention can be found online at (https://digital.nhs.uk/article/1202/Records-Management-Code-of-Practice-for-Health-andSocial-Care-2016) 

7.   Patient/client’s rights under data protection laws 

Even if Svelte Body Clinic already holds the personal data of a patient/client, the patient/client still has various rights in relation to it. Svelte Body Clinic would advise that the patient/client to make contact (see section 12). Svelte Body Clinic will seek to deal with the request without undue delay, and in any event in accordance with the requirements of any applicable laws. Svelte Body Clinic may keep a record of the communications to help them resolve any issues which a patient/client may raise. 

  1. Right to object: If Svelte Body Clinic are using a patient/client’s data because they deem it necessary for their legitimate interests to do so, and a patient/client does not agree, the patient/client has the right to object. Svelte Body Clinic will respond to a patient/client’s request within 30 days (although Svelte Body Clinic may be allowed to extend this period in certain cases). Generally, Svelte Body Clinic will only disagree with a patient/client if certain limited conditions apply. 
  2. Right to withdraw consent: Where Svelte Body Clinic have obtained patient/client consent to process their personal data for certain activities (e.g. for a research project), or consent to market to a patient/client, the patient/client may withdraw their consent at any time. 

c. Right to erasure: In certain situations (e.g. where Svelte Body Clinic have processed patient/client data unlawfully), the patient/client has the right to request the clinic to "erase" their personal data. Svelte Body Clinic will respond to their request within 30 days (although Svelte Body Clinic may be allowed to extend this period in certain cases) and will only disagree with a patient/client if certain limited conditions apply. If Svelte Body Clinic do agree to the patient/client request, they will delete the patient/client data but will generally assume that the patient/client would prefer the clinic to keep a note of their name on the clinic register of individuals who would prefer not to be contacted. That way, Svelte Body Clinic will minimise the chances of the patient/client being contacted in the future where their data are collected in unconnected circumstances. If a patient/client would prefer the clinic not to do this, they are free to say so. 

8.   Requesting access to your personal data 

Subject Access Requests (SAR): Patient/clients have a right under the Data Protection legislation to request access to view or to obtain copies of what information Svelte Body Clinic holds about them and to have it amended should it be inaccurate. To request this, they need to do the following: 

  • The patient/client should make their request to Svelte Body Clinic 
  • There would be no charge to have a copy of the information held about them
  • Svelte Body Clinic are required to respond to the patient/client within one month
  • The patient/client will need to give adequate information (e.g. full name, address, date of birth and details of their request) so that their identity can be verified, and their records located 

9.   Security of your personal data 

We are committed to taking appropriate measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage to that personal data. When you provide your personal data through our website, this information is transmitted across the internet securely using high-grade encryption. 

As described in this Privacy Notice, there are some instances where we need to disclose your personal data to third parties. Where Svelte Body Clinic discloses your personal data to a third party, we require that the third party to have appropriate measures in place to protect your personal data; however in some instances we may be compelled by law to disclose your personal data to a third party and have limited control over how it is protected by that party. The information that you provide to us will be held in our systems, which are located on our premises or those of an appointed third party. We will retain your personal data for as long as we need it in order to fulfil our purposes set out in this Privacy Notice or in order to comply with the law. 

10.    Cookies 

In order to improve our services, to provide you with more relevant content and to analyse how visitors use our website, we use technologies, such as cookies. We will not be able to identify you from the information we collect using these technologies. You can delete cookies if you wish; while certain cookies are necessary for viewing and navigating on our website, most of the features will still be accessible without cookies.

We will only read or write cookies for the preference level set, cookies set prior to you changing your settings will still be on your computer and you can remove them using your browser settings.

We use a cookie to remember your cookie preferences this has a couple of consequences

  • If you delete all your cookies you will have to update your preferences with us again.
  • If you use a different device, computer profile or browser you will have to tell us your preferences again.

HOW WE USE COOKIES 

ASP.NET_SessionId – Stores the unique session ID provided to the user by the website.

.ASPXFORMSAUTH – Stores the user’s encrypted authentication ticket when using forms authentication.

Campaign – Stores the web analytics Campaign assigned to the visitor.

CMSAB<ABtestname> – Used to track conversions for the test and maintain consistent page content for the visitor. Stores the name of the page variant assigned to the visitor, the list of performed conversions and information whether visitor is included in A/B testing specified by an A/B test.

CMSCookieLevel – Specifies which cookies are allowed by the visitor.

CMSCsrfCookie – Store’s a security token that the system uses to validate all form data submitted via POST requests. Helps protect against Cross site request forgery.

CMSMVT<mvtestname> – Stores the combination of variants assigned to the visitor by an MVT test. Used to track conversions for the test and maintain consistent page content for the visitor.

CMSPreferredCulture – Stores the visitor’s preferred content culture.

CMSShoppingCart – Stores a reference to the user’s active shopping cart.

CookieBar – Stores whether or not the visitor has accepted the cookie policy.

CPCKeyword – Stores the keyword that directed the visitor to the site if it was via a PPC campaign.

CurrentContact – Stores the GUID of the contact related to the current site visitor. Used to track activities on the website.

DoubleClick – Cookies used by the Google DoubleClick advertising service. Full details on DoubleClick cookies can be found here.

Google Analytics – Cookies used by Google Analytics to track the visitor’s data on the website. Full details on Google Analytics cookies can be found here.

Source – Stores the channel which the user came from (e.g., email, Facebook, Twitter, etc.).

StickyFooter-<ActionName> – Stores whether or not the visitor has performed an action in the mobile sticky footer.

StickyHeaderViewed – Stores whether or not the visitor has been show the sticky header on the desktop version of the website.

TimeOnSite – Stores the total time in seconds the visitor has been on the website this session.

UrlReferrer, ReferrerURL – Stores the URL referrer from which the user arrives on the website.

VisitorStatus – Indicates if the visitor is new or returning. Used for tracking the visitors statistic in Web analytics.

INFORMATION THIS WEBSITE GATHERS/TRACKS

As web tracking offers more chances to market to website visitors across the Internet, you as a visitor to the Svelte Body Clinic website may be targeted with adverts on other websites. Google and third party vendors might show targeted adverts with the ability to opt out. First and third party cookies are used to provide information and offer improvements to optimise quality of adverts served. You can change the cookie management settings on our website or in your web browser to stop these adverts. If you are a registered Facebook user, you may also receive targeted adverts from Svelte Body Clinic. You can read about how Facebook works by following  this link https://en-gb.facebook.com/policies/cookies/

11.   Updates to our Privacy Notice 

We review this Privacy Notice on a regular basis and will publish any new version on the website. 

12.    How to contact us 

Please contact the Data Protection Officer if you have any questions about our Privacy Notice. 

Any queries regarding Data Protection issues should be addressed to: - 

Email: info@SvelteBodyClinic.co.uk 

Postal: SVELTE BODY CLINIC, 98-100 Eversholt Street, London, NW1 1BP. 

If you are happy for your data to be extracted and used for the purposes described in this privacy notice, then you do not need to do anything. 

If you have any concerns about how your data is shared, then please contact the Data Protection Officer at Svelte Body Clinic. 

If you would like to know more about your rights in respect of the personal data we hold about you, please contact the Data Protection Officer.

  • COVID-19
  • BOOK NOW
  • Technologies
  • Privacy Policy
  • Store

Svelte Body Clinic

98-100 Eversholt Street, London, NW1 1BP, United Kingdom

0203 006 2938

Copyright © 2022 Svelte Body Clinic - All Rights Reserved.

Company Reg. No. 12125717. Vat Reg. No. 328869745

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept

Welcome to Svelte Body Clinic