Privacy Policy

1. Introduction
 

Welcome to Haus of Eden Aesthetics website. We are committed to protecting your personal data and respecting your privacy. This policy explains how we collect, use, and safeguard your information in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
 

This privacy policy applies to our aesthetic clinic services managed by a registered nurse using Aesthetic Nurse Software.
 

2. Who We Are
 

Haus of Eden Aesthetics 
32 Cliff Street, Wakefield, West Yorkshire, WF2 0DW
www.hausofeden.co.uk

Data Protection Officers: Aesthetics Nurse and Aesthetics Co-ordinator
 

3. What Information We Collect
 

Depending on your interaction with us, we may collect the following:
 

• Name, date of birth, and contact details

• Medical history and health data relevant to aesthetic or holistic treatments

• Appointment history

• Payment and billing details

• Consent and treatment records

• Website usage data via cookies (see section 8)
   

4. How We Collect Your Data
 

We collect personal data through:
 

• Direct interactions (e.g. forms, phone calls, remote calls, in-person visits)

• Online booking systems and digital forms

• Electronic medical records (via Aesthetic Nurse Software). GP and Consultant correspondence (if requested to verify clinical suitability for treatment)

• Our website (analytics and cookies)
   

5. Why We Process Your Data
 

We process your data for:
 

• Providing safe and effective treatments

• Managing appointments and communications

• Legal and regulatory compliance

• Invoicing and payment processing

• Clinical audits and service improvement
   

Legal bases under UK GDPR may include:
 

• Consent (Art. 6(1)(a), Art. 9(2)(a))

• Contract performance (Art. 6(1)(b))

• Legal obligation (Art. 6(1)(c))

• Vital interests or healthcare provision (Art. 9(2)(h))
   

6. Data Storage and Security
 

Your information is securely stored using:
 

• Aesthetic Nurse Software for aesthetic treatment records
   

Our systems are GDPR-compliant and hosted on secure servers with encryption and access controls.We regularly audit access, backup data, and use two-factor authentication where available.
 

7. Sharing Your Information
 

We do not sell or rent your data. We may share information:
 

• With medical professionals involved in your care (with consent)

• With HMRC or regulators if legally required

• With software providers (Aesthetic Nurse Software and Cliniko) for data processing

• With payment processors (if applicable)
   

All third-party processors operate under GDPR-compliant contracts.

8. Website Cookies and Analytics
 

Our website uses cookies to:
 

• Understand website traffic and user behaviour

• Improve user experience

• You can manage cookie preferences through your browser settings. Analytics data is anonymised where possible.

​

9. Your Rights Under GDPR
 

You have the right to:
 

• Request correction or deletion

• Object to or restrict processing

• Data portability

• Withdraw consent at any time

• Lodge a complaint with the Information Commissioner’s Office (ICO): www.ico.org.uk

​

10. Retention of Data
 

We retain clinical records for a minimum of 8 years after the last treatment or longer where legally required. Digital communications and consents are stored securely and reviewed periodically.
 

11. Changes to This Policy
 

We may update this policy from time to time. Updates will be posted on our website with a revised effective date.
 

12. Contact Us
 

If you have any questions or wish to exercise your rights, please contact:

Claire Howarth 

Email: hausofeden.contact@gmail.com
Postal: 32 Cliff Street, Wakefield, West Yorkshire, WF2 0DW