For help using our online shop, please see our How To Guides.

Privacy Policy

Last updated 15th June 2023

IMPORTANT INFORMATION AND WHO WE ARE

This policy sets out the basis on which any Personal Data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our practices regarding your Personal Data. By visiting aestheticsassociates.com you consent to our use of your data for marketing purposes, including the transfer of your data to third parties for marketing activities. This may involve sharing your information with trusted business partners or service providers who assist us in our marketing efforts.

If you wish to withdraw your consent or have any concerns about the processing of your data, please contact us using the information provided in our Privacy Policy.

For the purpose of the General Data Protection Regulations (GDPR), the data controller is JB Aesthetics Limited t/a Aesthetics Associates of 4 Boultbee Road, Sutton Coldfield B72 1DW.

We know that you value your privacy and the security of personal information held about you. We are committed to handling your Personal Data and personal sensitive data in line with data protection law and principles, which means that your data will be:

  • Used lawfully, fairly and in a transparent way.
  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
  • Relevant to the purposes we have told you about and limited only to those purposes.
  • Accurate and kept up to date.
  • Kept only as long as necessary for the purposes we have told you about.
  • Kept securely.

This website is not intended for children, and we do not knowingly collect data relating to children.

WHAT IS PERSONAL DATA?

Personal Data means information that can directly or indirectly identify you (“Personal Data”). This typically includes information such as your name, address, email address, and telephone number, but can also include other information such as an IP address.

HOW DO WE COLLECT PERSONAL DATA?

We use different methods to collect data from and about you, including through:

Direct interactions: You may give us your Personal Data by speaking to us on the phone or online; filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

  • Register for an account with us;
  • Apply for or buy our products or services;
  • Subscribe to our service or publications;
  • Request marketing to be sent to you;
  • Attend a training course or Event day; or
  • Give us some feedback.

Automated technologies or interactions: As you interact with our website, we may automatically collect data about your equipment, browsing actions and patterns. We collect this Personal Data by using cookies, and other similar technologies. Please see our Cookies Policy for further details.

Third parties or publicly available sources: We may receive personal data about you from various third parties and public sources as set out below:

  • Technical data from analytics providers such as Google based outside the EU (please see our Cookies Policy);
  • Contact and financial data from providers of technical, payment and delivery services such as our bank based inside the EU.
  • Contact data from publicly availably sources such as Companies House based inside the EU.

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.

To see what personal data we collect, for what purpose, how we use it, retain it and secure it, please see the different categories below.

ACCOUNT HOLDERS

What information is collected?

When you apply for an Aesthetics Associates account, we may collect the following Personal Data from you: name, title, date of birth, postal address, invoice address, business / company details, email address, business telephone number, mobile number, professional registration number, prescriber name, prescriber title, prescriber professional registration number, social media profiles, signature, photographic identification, gender, training certificates, insurance details and product preferences.

When you use your account to place an order, we may collect the following further Personal Data from you: prescriptions for your patients (including their name, address, date of birth, health information), payment information (i.e. bank, debit/credit card, cheque details), and a delivery address. We may also collect further information in the event of a dispute, return, refund or complaint.

You must ensure that the information you provide is accurate and complete. Failure to provide accurate information may lead to your account being closed.

Regarding each of your visits to our site we may automatically collect the following information:

  • Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
  • Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.

What is the purpose of the processing?

We process this Personal Data to provide you with an account and credit terms at Aesthetics Associates, so that you can place orders for our products and services. Further, we process this Personal Data to provide you with your orders, take payment for your orders, and deal with any queries or returns or complaints.

Where and for how long is the data stored?

Applications are kept on a secure UK-based server and cloud. Access to such information is limited to those members of staff that need to access them. All applications are kept as long as the account remains open.

You are responsible for updating your key contact information on your account. Such updates may only be accepted in writing.

Orders and prescriptions sent through our shop at aesthehticsassociates.com are kept encrypted on a secure UK-based server and cloud. Access to such orders/prescriptions are limited to those members of staff that need to access them.

Prescriptions received via email will be hosted on our secure email server and cloud based in the UK. Aesthetics Associates advocates that account holders consider sending prescriptions on encrypted emails as a further security measure.

Order and payment details, as well as complaints and credit notes are kept on our secure accounts UK-based server and cloud system for as long as is legally required, normally up to seven years as per HMRC guidelines.

Marketing

If you opt-in (online or offline) to receive online marketing and offers, we will add your name and email address to our marketing database which is managed by Mailchimp. Please review their data policy here https://mailchimp.com/legal/terms/

Your mobile number will be added to our SMS marketing database which is managed by VoodooSMS. Please review their data policy here https://help.voodoosms.com/en/articles/85-data-protection-and-retention-policy

You can change your marketing preferences at any time and will always be offered the opportunity to unsubscribe. We process your name and email address on this basis under your positive consent to do so.

Under direct marketing laws, we may also send you online marketing if you have previously placed an order with us. You can change your marketing preferences at any time and will always be offered the opportunity to unsubscribe.

We may from time to time sent direct print marketing to you, under our legitimate interests.

We will still contact you regarding your account or orders even if you have opted out of receiving marketing from us.

Who may the information be shared with?

We may share Personal Data that we receive from account holders including information used to set-up their account with the following third parties:

Our service providers – This includes external third-party service providers, such as pharmacies, accountants, auditors, experts, lawyers, credit reference agencies, and other outside professional advisors; IT systems, support and hosting service providers; card payment tools; printing, advertising, marketing and market research and analysis service providers; document and records management providers; technical engineers; data storage and cloud providers and similar third-party vendors and outsourced service providers that assist us in carrying out business activities.

All our online service providers are based in the UK, based in countries recognised as having adequate level of data protection, or have in place Data Processing Addendums containing Standard Contractual Clauses as set out by the EU. Our website has implemented Google Analytics Demographics and Interest Reporting. Any demographic reports produced using this data will be used to determine a better understanding of our website traffic. You can opt-out of Google Analytics for Display Advertising and customize Google Display Network ads using the Ads Settings. In addition, you can use the Google Analytics Opt-Out Browser Add-on to disable tracking by Google Analytics. Please also see our Cookies policy for further information.

Government or other public authorities – This includes, but is not limited to, law enforcement or other agencies to which we are required to disclose Personal Data by law, or by a warrant or court order.

Our Suppliers – we may share Personal Data limited to your account name, account number and partial account address, and details of your purchases with a restricted list of our suppliers to fulfil our and our suppliers’ legitimate interests. These legitimate interests include ensuring product safety and fulfilling reporting requirements with regards to faulty products and recalls, as well as supplying you with free-of-charge products and technical/marketing assistance. Our suppliers have a legitimate interest in wanting to help build and develop your business.

Third parties – In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets. If Aesthetics Associates or substantially all of its assets are acquired by a third party, Personal Data held by it about its customers will be one of the transferred assets.

What is the legal basis for processing the Personal Data?

We may process your Personal Data on the following bases:

  • To carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us.
  • Fulfil our legal and regulatory obligations such as preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies or the regulators; ensuring the health, safety and protection of our staff.
  • Your consent in relation to marketing; to deliver relevant on-line advertising to you; to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
  • Exercise tasks under our legitimate interests such as to:
    • enforce our terms and conditions, notably conditions of returns, refunds and payments;
    • handing customer contacts, queries and complaints or disputes;
    • to protect our operations or those of any of our group companies;
    • to protect our rights, privacy, safety of property, and that of our group companies, you or others;
    • to allow us to pursue available remedies or limit our damages;
    • ensure the security and integrity of our services and ensuring our websites operate effectively;
    • to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
    • to improve our website to ensure that content is presented in the most effective manner for you and for your computer;
    • where we extend credit to you for the products we may pass your Personal Data to credit reference agencies and they may keep a record of any search that they do. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

 

SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Our site may, from time to time, contain links to and from the websites of our partner networks, our social media pages, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

We do not sell, share or rent any information collected to third parties except for those detailed in this privacy policy.

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

COOKIES

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them please see our Cookies Policy.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

SOCIAL MEDIA PLATFORMS

Communication, engagement and actions taken through external social media platforms that this website and the Company participate are done on the terms and conditions as well as the privacy policies held with each social media platform respectively.

Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution regarding their own privacy and personal details. This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.

ACCESS TO INFORMATION

Under the General Data Protection Regulations, you have the following rights:

  • Obtain from us confirmation as to whether or not we process Personal Data from you and, where that is the case, access to your Personal Data;
  • Rectification of inaccurate Personal Data;
  • Erasure of Personal Data;
  • Objection to the processing of Personal Data;
  • Restriction of processing of Personal Data; and
  • Portability of Personal Data – to receive the Personal Data you have provided to us in a structured, commonly used and machine-readable form and transmit it to another data controller.

In some instances, for example in relation to processing medical records, our legal obligations or public duties may override your rights under data protection laws.

You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.

You can learn more about these rights here: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/. Should you choose to exercise any of these rights, a record will be maintained by Aesthetics Associates.

Where your consent is the legal basis for the processing of your Personal Data, you can withdraw your consent for marketing communications by logging into your account or using the unsubscribe link in any of our marketing communications or by sending us an email to [email protected]. Please note that withdrawing your consent will not affect the lawfulness of the processing before the withdrawal.

If you think that the processing of Personal Data by us violates data protection laws, you can lodge a complaint with the Information Commissioner in the UK (www.ico.org.uk).

CHANGES TO OUR PRIVACY POLICY

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

Open chat
Hello! Welcome to Aesthetics Associates.

Can we help you?