Dilek Kala Aesthetic & Beauty (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store and share your personal information when you visit our website or use our services.
1. Who we are
We are Dilek Kala Aesthetic & Beauty, located at 20 London Road, Enfield EN2 6ED. For any questions about this policy, please contact us at dilekkala1985@hotmail.com or call 07397 655 682.
We act as the data controller for the personal information we collect about you, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Information we collect
We collect the following categories of personal information:
- Contact details — name, email, phone number when you enquire or book
- Health information — medical history, allergies and consent forms you share during consultation (special-category data)
- Appointment records — details of treatments, dates, and aftercare notes
- Before/after photographs — only with your explicit written consent
- Website usage data — IP address, browser type, pages visited, via cookies and analytics tools
- Marketing preferences — if you subscribe to updates
3. How we use your information
We use your personal information to:
- Provide consultations, treatments and aftercare
- Maintain medical records as required by our insurer and regulators
- Respond to enquiries and manage appointments
- Send appointment reminders (SMS, email or WhatsApp)
- Improve our website and services
- Comply with legal and regulatory obligations
4. Legal basis for processing
We rely on the following legal bases under UK GDPR:
- Consent — for marketing and use of photographs
- Contract — to deliver the treatments you book
- Legal obligation — to keep treatment records
- Legitimate interests — to run and promote our business
- Explicit consent — for processing health data (special category)
5. Sharing your information
We do not sell your personal data. We only share it with:
- Our booking platform (Treatwell), where you choose to book through it
- Payment processors for secure transaction handling
- Our insurer or regulator if required
- Email and SMS providers (e.g. for reminders)
- Professional advisors (accountant, lawyer) where strictly necessary
- Law enforcement where required by law
6. How long we keep your information
We keep treatment records for a minimum of 8 years after your last appointment, in line with insurance and professional standards. Website enquiries that do not lead to treatment are kept for 2 years. Marketing data is kept until you unsubscribe.
7. Your rights
Under UK GDPR you have the right to:
- Access your personal data
- Rectify inaccurate data
- Erase your data (subject to legal record-keeping obligations)
- Restrict or object to processing
- Data portability
- Withdraw consent at any time
- Lodge a complaint with the Information Commissioner’s Office (ICO)
To exercise any of these rights, contact us at dilekkala1985@hotmail.com.
8. Cookies and analytics
Our website uses cookies and similar technologies. For details see our Cookie Policy. You can change your preferences at any time through your browser or our cookie banner.
9. Security
We take reasonable technical and organisational measures to protect your data against unauthorised access, loss or misuse. No transmission over the internet is ever fully secure, however, and we cannot guarantee absolute security.
10. Changes to this policy
We may update this Privacy Policy from time to time. The “Last updated” date at the top will reflect the most recent version. Material changes will be highlighted on this page.
11. Contact
Questions or complaints? Please email dilekkala1985@hotmail.com or write to us at 20 London Road, Enfield EN2 6ED.