This Privacy Policy explains how Lindart Beauty Studio (“we”, “us”, “our”) collects, uses, and protects your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Business name: Lindart Beauty Studio
Address: 116 London Road, Flat 2, St. Leonards on Sea, TN37 6LT, United Kingdom
Phone: +44 7928 040729
Email: lindartbeautystudio@gmail.com
ICO Registration Number: [PENDING — TO BE ADDED UPON REGISTRATION]

We may collect the following categories of personal information:

• ◆Full name, contact details (phone number, email address)
• ◆Appointment history and booking records
• ◆Payment information (processed securely; we do not store card details)
• ◆Health and skin consultation records (see Special Category Data below)
• ◆Communications sent to us via email, phone or contact forms

Certain treatments we offer — including Hydro-Dermabrasion, GlowPen Microneedling, Chemical Peels, and other advanced skin procedures — require us to collect sensitive health information before treatment commences.

This may include:

• ◆Known allergies and skin sensitivities
• ◆Current or previous skin conditions (e.g. rosacea, eczema, acne)
• ◆Medical history relevant to contraindications (e.g. use of blood thinners, isotretinoin, diabetes)
• ◆Pregnancy or breastfeeding status
• ◆Patch test results and treatment consent records

This data constitutes Special Category Data under UK GDPR Article 9. We process it on the lawful basis of explicit consent (Article 9(2)(a)) and, where applicable, for preventive or occupational medicine (Article 9(2)(h)).

You have the right to withdraw consent at any time, though this may affect our ability to safely perform certain treatments.

• ◆To book and manage your appointments
• ◆To provide safe and appropriate beauty treatments
• ◆To send appointment reminders and follow-up communications
• ◆To comply with our legal and insurance obligations
• ◆To respond to enquiries and complaints
• ◆To maintain accurate business and treatment records

We do not use your data for automated decision-making or profiling.

• ◆Contract performance — to deliver the services you have booked
• ◆Legitimate interests — to manage our business and communicate with clients
• ◆Legal obligation — to comply with insurance, tax and regulatory requirements
• ◆Explicit consent — for Special Category Data (health records)

We retain your personal data only for as long as necessary for the purposes for which it was collected.

• ◆Client treatment and health records are kept for a minimum of 7 years from the date of your last appointment. This retention period is required to comply with UK beauty industry insurance requirements and professional liability obligations.
• ◆Booking and contact information is retained for 3 years from your last interaction, after which it is securely deleted.
• ◆Financial records are kept for 6 years in accordance with HMRC requirements.

We do not sell, rent or trade your personal data. We may share it with:

• ◆Our booking or scheduling software provider (as a data processor)
• ◆Payment processors, solely for the purpose of completing transactions
• ◆Our insurance provider, where a claim relates to your treatment
• ◆Legal or regulatory authorities, where required by law

All third parties are required to handle your data securely and in accordance with UK GDPR.

Under UK GDPR, you have the following rights:

• ◆Right of access — to request a copy of your personal data
• ◆Right to rectification — to correct inaccurate or incomplete data
• ◆Right to erasure — to request deletion, subject to legal retention obligations
• ◆Right to restrict processing — in certain circumstances
• ◆Right to data portability — to receive your data in a structured format
• ◆Right to object — to processing based on legitimate interests
• ◆Right to withdraw consent — at any time where consent is the lawful basis

To exercise any of these rights, please contact us at lindartbeautystudio@gmail.com. We will respond within 30 days.

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction or alteration. Physical records are stored securely. Digital records are password-protected and access is restricted.

Our website may use essential cookies to ensure it functions correctly. We do not use tracking or advertising cookies without your consent. For more information, please refer to our Cookie Policy.

If you have concerns about how we handle your personal data, please contact us in the first instance. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

Website: ico.org.uk ·  Helpline: 0303 123 1113

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated date. We encourage you to review this policy periodically.