Privacy Policy

Last updated: 15 April 2026

Bella Skin is committed to protecting your privacy and handling your sensitive medical and personal data with the utmost care. This policy explains how we collect, use, and protect your information when you visit our clinic, use our website, or undergo clinical treatments with us in the United Kingdom.

Who We Are

Bella Skin is a Care Quality Commission (CQC) registered clinical dermatology and aesthetic medicine practice. When this policy refers to "Bella Skin", "we", or "us", it refers to our registered clinical practice operating out of London.

Our clinic is located at 15 Harley Street, London W1G 9QQ, United Kingdom. For data protection purposes, we are the designated Data Controller.

Information We Collect

As a medical practice, we collect both standard personal data and special category (medical) data:

  • Identity Data: Full name, date of birth, gender, and photographic ID.
  • Contact Data: Email address, telephone numbers, and home address.
  • Medical Data: Complete medical history, current medications, allergies, previous procedures, and clinical photographs.
  • Financial Data: Payment details and billing addresses.

How We Use Your Information

We use your information strictly for clinical and operational purposes:

  • To safely assess your suitability for clinical and aesthetic treatments.
  • To maintain accurate, legally required medical records of your treatments.
  • To manage your appointments and provide post-treatment aftercare.
  • Healthcare Provision: Processing medical data is necessary for preventative medicine and health care.
  • Consent: Where you have explicitly consented to specific treatments.
  • Contract: To fulfil our obligations in delivering the services you booked.

Data Sharing & Confidentiality

Your medical confidentiality is absolute. We will never sell your data. We only share data with verified third parties essential to your care, such as external medical laboratories and encrypted clinical software providers.

Medical Data Retention

By law, as a healthcare provider in the UK, we are required to retain your medical records for a statutory period. Adult medical records are securely retained for a minimum of 8 years following the last clinical consultation.

Your UK GDPR Rights

You possess standard rights including Access (requesting a copy of your notes), Correction, and Erasure of non-medical data.

Data Security

All patient records are stored on highly secure, encrypted clinical servers. Physical access to our clinic and servers is strictly restricted.

Cookies

Our website utilizes essential cookies to ensure secure online booking and website functionality. We do not use aggressive third-party trackers.

Contact Us

Phone: +44 20 7123 4567

Questions about your data?

Our clinical team is happy to clarify anything in this policy.