Beyond Medispa are committed to protecting and respecting any personal information you share with us.
The processing of personal data, such as the name, address, e-mail address, or telephone number of data subjects shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to Beyond Medispa.
This statement describes what types of information we collect from you, how it is used by us, how we share it with others, how you can manage the information we hold and how you can contact us.
We will always give you the option not to receive marketing communications from us. We will never send you unsolicited ‘junk’ email or communications, or share your data with anyone else who might. We do not sell your information to third parties.
The contents of this statement may change from time to time so you may wish to check this page occasionally to ensure you are still happy to share your information with us. Where possible, we will also contact you directly to notify you of any substantial changes.
- NAME AND ADDRESS OF THE CONTROLLER
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
Beyond Medispa Harvey Nichols, 109-125 Knightsbridge, Soho, London SW1X 7RJ
Email: firstname.lastname@example.org, Website: beyondmedispa.com
- NAME AND ADDRESS OF THE DATA PROTECTION OFFICER
The Data Protection Officer of the controller is:
Beyond Medispa Harvey Nichols, 109-125 Knightsbridge, Soho, London SW1X 7RJ
Phone: 020 7201 8595, Email: email@example.com, Website: beyondmedispa.com
Any data subject may, at any time, contact our Data Protection Officer directly with all questions and suggestions concerning data protection.
You may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If you deactivate the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.
What information do we collect?
We collect information about you when you engage with our website or use our contact form. We only collect information which is necessary, relevant and adequate for the purpose you are providing it for.
We collect a series of general data and information when you or an automated system uses the website. This general data and information are stored in the server log files. We may collect (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the sub-websites, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) any other similar data and information that may be used in the event of attacks on our information technology systems.
When using this general data and information, Beyond Medispa does not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, Beyond Medispa analyses anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
If you contact us by e-mail or via the contact form, your personal data is automatically stored. This data is stored for the purpose of processing or contacting you back. We do not sell or share your personal information with third parties.
How do we use this information?
Beyond Medispa will only process information that is necessary for the purpose for which it has been collected. You will always have the option not to receive marketing communications from us (and you can withdraw your consent or object at any time). We will never send you unsolicited ‘junk’ email or communications, or share your personal information with anyone else who might.
There are various ways in which we may use or process your personal information. We list these below:
Where you have provided your consent, we may use and process your information to contact you from time to time about promotions, events, products, services or information which we think may be of interest to you (don’t worry, we won’t bombard you);
You can withdraw your consent at any time by contacting us on the details provided within the ‘How can I manage the information you hold about me’ section below or, in relation to any marketing messages you receive, by using the unsubscribe option included in those messages.
We may use and process your personal information where this is necessary to perform a contract with you and to fulfil and complete your agreement entered into with us.
We may use and process your personal information where it is necessary for us to carry out activities for which it is in our legitimate interests as a business to do so.
Processing necessary for us to support customers with sales and other enquiries
- To respond to correspondence you send to us and fulfil the requests you make to us (for example: to provide a quote, or further information of a product we provide);
Processing necessary for us to respond to understanding customers’ needs
- To analyse, evaluate and improve our products and services so that your visit and use of our website are more useful and enjoyable (we will generally use data amalgamated from many people so that it doesn’t identify you personally);
Processing necessary for us to promote our business, brands and products and measure the reach and effectiveness of our campaigns
- To send you marketing information from time to time after you have purchased a product from us or made a purchasing enquiry, brochure or other information of interest. We will only contact you with information about our own products and services (and in ways the law allows), which we hope you will like. You have the right to object to us sending you this information at any time;
- To contact you from time to time with marketing information (unless you object) if you are acting on behalf of a business or where we have obtained your business contact details from an online or public business directory. In relation to any such information we send by email or SMS, we will include an option allowing you to object to receiving future messages by unsubscribing;
Processing necessary for us to operate the administrative and technical aspects of our business efficiently and effectively
- To verify the accuracy of information that we hold about you and create a better understanding of you as a customer;
- For network and information security purposes i.e. in order for us to take steps to protect your information against loss, damage, theft or unauthorised access;
- To comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request);
- To inform you of updates to our terms and conditions and policies.
We may process your personal information to comply with our legal requirements
Sometimes we will need to process your personal information to contact you if there is an urgent notice and we need to tell you about it.
In future, we may like to update our customers regularly by means of a newsletter about our latest news and information.
We will only send you the newsletter if; (1) you have a valid e-mail address and (2) you have expressively given consent to receive the newsletter. A confirmation e-mail will be sent to the e-mail address registered by you, for legal reasons, in the double opt-in procedure. This confirmation e-mail is used to prove whether the owner of the e-mail address is authorized to receive the newsletter.
During the registration for the newsletter, we will also store the IP address of the computer system assigned by the Internet service provider (ISP) and used by you at the time of registration, as well as the date and time of the registration. The collection of this data is necessary in order to understand the (possible) misuse of the e-mail address of you at a later date, and it therefore serves the aim of the legal protection of the us.
How long do we keep your information for?
We will not hold your personal information in an identifiable format for any longer than is necessary. If you are a customer, supplier, or otherwise have a relationship with us we will hold personal information about you for a longer period than if we have obtained your details in connection with a prospective relationship.
If we have a relationship with you, we hold your personal information for 6 years from the date our relationship ends. We hold your personal information for this period to establish, bring or defend legal claims.
Where we have obtained your personal information following a request for information, quote, brochure, or any other information on any of our products or services, we hold your personal information for 1 year and 6 months from the date we collect that information, unless during that period we form a relationship with you e.g. you go ahead with a quote and become a client. We hold your personal information for this period to give us an opportunity to form a relationship with you.
The only exceptions to the periods mentioned above are where:
The law requires us to hold your personal information for a longer period, or delete it sooner;
Where you have raised a legal claim, complaint or concern regarding a product or service offered by us, in which case we will retain your information for a period of 6 years following the date of that complaint or query; or
You exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law (see further How can I manage the information we hold about you);
How can I manage the information you hold about me?
You have the right as an individual to access any personal information we hold about you, and make corrections if necessary. You also have the right to withdraw any consent you have previously given us and ask us to erase information we hold about you. You can also object to us using your personal information (where we rely on our business interests to process and use your personal information).
You have a number of rights in relation to your personal information under data protection law. In relation to most rights, we will ask you for information to confirm your identity and, where applicable, to help us search for your personal information. Except in rare cases, we will respond to you within 30 days after we have received any request (including any identification documents requested).
You have the right to:
- Ask for a copy of the information that we hold about you;
- Correct and update your information;
- Withdraw your consent (where we rely on it). Please see further How do we use this information;
- Object to our use of your information (where we rely on our legitimate interests to use your personal information) provided we do not have any continuing lawful reason to continue to use and process the information. When we do rely on our legitimate interests to use your personal information for direct marketing, we will always comply with your right to object;
- Erase your information (or restrict the use of it), provided we do not have any continuing lawful reason to continue to use and process that information;
- Transfer your information in a structured data file (in a commonly used and machine readable format), where we rely on your consent to use and process your personal information or need to process it in connection with your contract.
You can exercise the above rights and/or manage your information by contacting us using the details below:
Post: Beyond Medispa Harvey Nichols, 109-125 Knightsbridge, Soho, London SW1X 7RJ
Phone: 020 7201 8595
If you have any specific data protection concerns or a complaint, you can address it to our Data Protection Officer at Beyond Medispa Harvey Nichols, 109-125 Knightsbridge, Soho, London SW1X 7RJ
If you are unhappy, you have the right to lodge a complaint with a data protection regulator in Europe, in particular in a country you work or live or where your legal rights have been infringed. The contact details for the Information Commissioner’s Office, the data protection regulator in the UK, are below:
Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Call: 0303 123 1113, Email: firstname.lastname@example.org
We have integrated external platforms and social media platforms onto the website which are subject to their own privacy policies. A list of the platforms and their corresponding privacy policies are listed below