About This Policy
Policy key definitions:
I”, “our”, “us”, or “we” refer to the business, [Vis a Vis Skin Clinic Ltd].
“you”, “the user” refer to the person(s) using this website.
GDPR means General Data Protection Act.
PECR means Privacy & Electronic Communications Regulation.
ICO means Information Commissioner’s Office.
Cookies mean small files stored on a user’s computer or device.
Key principles of GDPR:
What type of information do we collect?
We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communications); payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile.
The types of your Personal Data we collect depends on the nature of your relationship us and applicable laws.
The Personal Data we process about you, includes the data we collect directly from you either as part of your relationship with us or through other interactions you may have with us. The information we process about you may include the following categories of Personal Data:
Age and date of birth;
Health and other Sensitive Personal Data;
Data collected from Cookies;
Data collected from website / mobile device usage and analytics;
Personal contact information (address, telephone, email address);
Programs and activities in which you participated;
Trials and use of our products;
Opinions about us or our product and services;
Communication and other personal preferences;
Product request information;
Photographs and video;
Payment related information;
Product identifying, generated, usage, and diagnostic data; and/or
Product service and error data
Processing of your personal data
Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically using the following lawful bases.
We are registered with the ICO under the Data Protection Register, our registration number is: A8851785.
Lawful basis: Consent
Where our purpose for processing is: To obtain information from you about your suitability for treatment and to monitor outcomes and progress.
Which is necessary for:
Processing and reporting of adverse events;
To communicate product safety information to you;
Product quality and complaint management;
Administering and maintaining legally required product registries, including medical device tracking;
Administering and maintaining voluntary patient engagement and support platforms;
Responding to your requests for information, products, or services;
Our company compliance and facility and network security purposes;
Internal investigations of possible misconduct or failure to comply with
our policies and procedures;
Auditing our programs and services for compliance purposes;
Legal proceedings and government investigations (such as pursuant to warrants, subpoenas, and court legal orders);
Where we have Legal obligations to process the personal data;
Communications regarding our studies;
Communications about market research and product developments;
Communications about product information;
Communications about general health information (such as information on certain health conditions);
To determine your eligibility for certain products, services, or programs;
Organizational planning and development (such as internal communications, budgets, administration, and project management);
Administering educational programs;
Business and marketing research;
Authenticating and verifying your identity in your interactions with us;
Tracking your interactions (online and offline) with us; Improvement and development of our products and services;
Device and application diagnostics;
Statistical analysis; Payment processing; and/or
For any additional purposes where we are required to notify you and get your consent, including those purposes required by local law, we will obtain your consent before we process your Personal Data for those purposes
We process your information in the following ways: Your details are stored securely on electronic devices and booking systems.
Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists.
Your individual rights
Under the GDPR your rights are as follows. You can read more about your rights in details here [https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/]
the right to be informed;
the right of access;
the right to rectification;
the right to erasure;
the right to restrict processing;
the right to data portability;
the right to object; and
the right not to be subject to automated decision-making including profiling.
You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data. We handle subject access requests in accordance with the GDPR.
How do we collect information?
When you conduct a transaction on our website, as part of the process, we collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated above only.
Why do we collect such personal information?
We collect such Non-personal and Personal Information for the following purposes:
To provide and operate the Services;
To provide our Users with ongoing customer assistance and technical support;
To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;
To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services;
To comply with any applicable laws and regulations.
How do we store, use, share and disclose our site visitors' personal information?
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
How do we communicate with our site visitors?
We may contact you to notify you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about our company, or as otherwise necessary to contact you to enforce our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and postal mail.
Currently we are not using ant tracking tools on our website.
If you would like to: access, correct, amend or delete any personal information we have about you, you are invited to contact us at [email@example.com]