top of page

Privacy Policy

Please see below for our  of privacy policy.  If you wish to download a copy please click the link below. (the "Site") is owned and operated by serena morgan. serena morgan is the

data controller and can be contacted at:

07701 072594

Regent Street, London, W1B 5TF


The purpose of this privacy policy (this "Privacy Policy") is to inform users of our Site of the


1. The personal data we will collect;

2. Use of collected data;

3. Who has access to the data collected;

4. The rights of Site users; and

5. The Site's cookie policy.

This Privacy Policy applies in addition to the terms and conditions of our Site.



For users in the European Union, we adhere to the Regulation (EU) 2016/679 of the European

Parliament and of the Council of 27 April 2016, known as the General Data Protection Regulation

(the "GDPR"). For users in the United Kingdom, we adhere to the GDPR as enshrined in the Data

Protection Act 2018.

We have not appointed a Data Protection Officer as we do not fall within the categories of

controllers and processors required to appoint a Data Protection Officer under Article 37 of the



By using our Site users agree that they consent to:

1. The conditions set out in this Privacy Policy.

Page 1 of 6

Legal Basis for Processing

We collect and process personal data about users in the EU only when we have a legal basis for

doing so under Article 6 of the GDPR.

We rely on the following legal bases to collect and process the personal data of users in the EU:

1. Processing of user personal data is necessary for us or a third pary to pursue a legitimate

interest. Our legitimate interest is not overriden by the interests or fundamenal rights and

freedoms of users. Our legitimate interest(s) are: To provide the best possible healthcare with

as much medical history possible to ensure correct treatment for the patient;

2. Processing of user personal data is necessary for us to comply with a legal obligation. If a

user does not provide the the personal data necessary for us to perform a legal obligation the

consequences are as follows: It may result in a treatment that is unstable for the the patients

needs; and

3. Processing of user personal data is necessary to protect the life of the user or another natural


Personal Data We Collect

We only collect data that helps us achieve the purpose set out in this Privacy Policy. We will not

collect any additional data beyond the data listed below without notifying you first.

Data Collected in a Non-Automatic Way

We may also collect the following data when you perform certain functions on our Site:

1. First and last name;

2. Age;

3. Date of birth;

4. Sex;

5. Email address;

6. Phone number; and

7. Any medical history you feel is relevant to your treatment.

This data may be collected using the following methods:

1. You adding in the information to your booking.

How We Use Personal Data

Data collected on our Site will only be used for the purposes specified in this Privacy Policy or

indicated on the relevant pages of our Site. We will not use your data beyond what we disclose in

this Privacy Policy.

The data we collect when the user performs certain functions may be used for the following purposes:

1. For tailoring the correct treatment for your needs.

Who We Share Personal Data With


We may disclose user data to any member of our organisation who reasonably needs access to user

data to achieve the purposes set out in this Privacy Policy.

Other Disclosures

We will not sell or share your data with other third parties, except in the following cases:

1. If the law requires it;

2. If it is required for any legal proceeding;

3. To prove or protect our legal rights; and

4. To buyers or potential buyers of this company in the event that we seek to sell the company.

If you follow hyperlinks from our Site to another Site, please note that we are not responsible for

and have no control over their privacy policies and practices.



How Long We Store Personal Data

User data will be stored for 7 years.

You will be notified if your data is kept for longer than this period.



How We Protect Your Personal Data

User information and patient notes are stored on Cliniko's database. security information regarding

their Data protection is below.

'We take security seriously. Data is encrypted, stored in state-of-the-art facilities, access is restricted

to those who have a need to know, and we regularly review our technology to maintain security.

In the event that there is a breach and your Personal Information that we have collected directly is at

risk, you will be notified within 72 hours of discovering the breach. You will be informed of what

information is at risk, steps that we have taken to ensure your safety, and what action we are taking

or have taken to rectify the breach. To the extent permissible at law, in the event that there is a

breach and indirectly collected information is at risk, we will follow the same protocol, however the

affected Customers (rather than the individuals) will be notified instead.

More about security can be found at'

While we take all reasonable precautions to ensure that user data is secure and that users are

protected, there always remains the risk of harm. The Internet as a whole can be insecure at times

and therefore we are unable to guarantee the security of user data beyond what is reasonably


Your Rights as a User

Under the GDPR, you have the following rights:

1. Right to be informed;

2. Right of access;

3. Right to rectification;

4. Right to erasure;

5. Right to restrict processing;

6. Right to data portability; and

7. Right to object.




We do not knowingly collect or use personal data from children under 16 years of age. If we learn

that we have collected personal data from a child under 16 years of age, the personal data will be

deleted as soon as possible. If a child under 16 years of age has provided us with personal data their

parent or guardian may contact our privacy officer.

How to Access, Modify, Delete, or Challenge the Data Collected

If you would like to know if we have collected your personal data, how we have used your personal

data, if we have disclosed your personal data and to who we disclosed your personal data, if you

would like your data to be deleted or modified in any way, or if you would like to exercise any of

your other rights under the GDPR, please contact our privacy officer here:

serena morgan

07701 072594

Regent Street, London, W1B 5TF

How to Opt-Out of Data Collection, Use or Disclosure

In addition to the method(s) described in the How to Access, Modify, Delete, or Challenge the Data

Collected section, we provide the following specific opt-out methods for the forms of collection,

use, or disclosure of your personal data specified below:

1. __________________________________________________________________________




. You can opt-out by but clicking "unsubscribe" on the bottom of any marketing email or but

updating your email preferences under "Your Account".

Cookie Policy

A cookie is a small file, stored on a user's hard drive by a website. Its purpose is to collect data

relating to the user's browsing habits. You can choose to be notified each time a cookie is

transmitted. You can also choose to disable cookies entirely in your internet browser, but this may

decrease the quality of your user experience.

We use the following types of cookies on our Site:

1. Analytical cookies

Analytical cookies allow us to improve the design and functionality of our Site by collecting

data on how you access our Site, for example data on the content you access, how long you

stay on our Site, etc.


This Privacy Policy may be amended from time to time in order to maintain compliance with the

law and to reflect any changes to our data collection process. When we amend this Privacy Policy

we will update the "Effective Date" at the top of this Privacy Policy. We recommend that our users

periodically review our Privacy Policy to ensure that they are notified of any updates. If necessary,

we may notify users by email of changes to this Privacy Policy.


If you have any complaints about how we process your personal data, please contact us through the

contact methods listed in the Contact Information section so that we can, where possible, resolve the

issue. If you feel we have not addressed your concern in a satisfactory manner you may contact a

supervisory authority. You also have the right to directly make a complaint to a supervisory

authority. You can lodge a complaint with a supervisory authority by contacting the Red Guava.

Contact Information

If you have any questions, concerns or complaints, you can contact our privacy officer, serena

morgan, at:

Regent Street, London, W1B 5TF

bottom of page