PRIVACY POLICY

Last Updated: 01-January-2025

1. Introduction

This Privacy Policy explains how YR Skin Clinic (“we,” “us,” or “our”) collects, uses, shares, and protects personal data provided by clients (“you”) through our website, treatment services, and business operations, in compliance with the General Data Protection Regulation (GDPR), Irish Data Protection Acts, and Irish beauty therapy regulations.

 

2. Information We Collect

Personal and Health Data: We collect information including:

    • Name, email address, phone number, and contact details
    • Treatment enquiry and consultation information
    • Health information relevant to services (where required)
    • Service assessments and treatment records
    • Age verification for treatment eligibility
    • Emergency contact information

Treatment and Service Data: We collect:

    • Treatment appointment information and booking preferences
    • Skin analysis and treatment history documentation
    • Treatment outcomes and progress records (with explicit consent)
    • Product purchase history and skincare preferences
    • Service feedback, reviews, and satisfaction surveys
    • Payment information (processed securely via trusted payment providers)

Website and Booking Usage Data: We automatically collect:

    • IP address, browser information, and device details
    • Pages visited and time spent on site
    • Website interaction patterns and navigation behaviour
    • Booking system interactions and appointment scheduling data
    • Shopping cart behaviour and product browsing (where applicable)

Cookies and Tracking: We use cookies to:

    • Enhance website functionality and client experience
    • Remember treatment preferences and account information
    • Maintain booking system functionality and appointment details
    • Analyse website usage and service performance
    • Provide personalised treatment and product recommendations
    • Support e-commerce functionality (where applicable)

 

3. How We Use Your Information

Treatment Service Delivery:

    • Processing and managing treatment enquiries and consultations
    • Booking and scheduling appointments with qualified therapists
    • Providing safe and suitable beauty treatments
    • Maintaining treatment records for continuity of care
    • Ensuring client safety and treatment effectiveness

Professional Beauty Operations:

    • Managing client accounts and comprehensive treatment history
    • Processing product orders and deliveries (where applicable)
    • Handling returns, exchanges, and refunds for products
    • Improving treatment processes and service quality standards
    • Managing clinic schedules and therapist availability

Client Care and Communication:

    • Sending appointment confirmations and reminder notifications
    • Providing treatment-related information and aftercare instructions
    • Offering updates about new services, treatments, and special offers (with consent)
    • Conducting client satisfaction surveys and feedback collection
    • Post-treatment follow-up care and support

Professional Compliance:

    • Meeting Irish beauty therapy regulatory requirements
    • Protecting client confidentiality and treatment records
    • Maintaining professional standards and safety protocols
    • Ensuring data protection and clinic security measures
    • Complying with health and safety regulations

 

4. Data Sharing and Third Parties

Essential Service Providers:

    • Website and Booking Platforms: Online presence and appointment management systems
    • Payment Processors: Secure payment handling for treatments and products
    • Communication Services: Client messaging, appointment reminders, and notification systems
    • Technology Partners: Website management, booking systems, and technical services
    • Analytics Providers: Service improvement and performance tracking

Professional Integration:

    • Treatment Data Systems: Secure client record management and treatment tracking
    • Product Suppliers: Inventory management and skincare product coordination
    • Professional Services: Consultation with healthcare providers (with explicit consent only)
    • Business Operations: Accounting, scheduling, and clinic management systems

Anonymous Data Usage:

    • Aggregated treatment data for service enhancement (no personal identification)
    • Performance analytics for clinic operations improvement
    • Industry benchmarking and professional development insights

Legal Requirements: Data may be disclosed when required by law, to protect client safety, or to comply with Irish beauty therapy and health regulations.

 

5. Data Security and Protection

We implement professional-grade security measures specifically designed for beauty therapy operations:

    • Enhanced Client Confidentiality: Secure transmission and storage of all treatment data
    • Professional Access Controls: Restricted access to client information by authorised staff only
    • Regular Security Audits: Compliance monitoring and vulnerability assessments
    • Staff Training: Specialised training on client confidentiality and data protection
    • Professional Standards: Adherence to Irish beauty therapy confidentiality requirements
    • Treatment Record Security: Protected storage of health and treatment information

Data Location: Your data is processed within the European Union to ensure GDPR compliance and optimal service delivery.

 

6. Data Retention

We retain personal data in accordance with Irish beauty therapy practice standards:

    • Treatment Records: Retained for 7 years for professional and legal requirements
    • Client Accounts: Retained whilst account is active plus 3 years for business records
    • Health Information: Maintained according to professional therapy standards
    • Communication Data: Retained for 3 years or until consent is withdrawn
    • Payment Data: Minimal retention as required by payment processors
    • Marketing Data: Retained for 3 years or until consent is withdrawn
    • Analytics Data: Anonymised and retained for service improvement

 

7. Your Rights Under GDPR

You have comprehensive rights regarding your treatment and personal data:

    • Access: Request copies of your complete treatment history and personal data
    • Rectification: Update incorrect health information or contact details
    • Erasure: Request deletion of your data (subject to professional record obligations)
    • Restriction: Limit processing of your data in specific circumstances
    • Portability: Transfer your treatment records to another service provider
    • Objection: Opt out of marketing communications and profiling
    • Consent Withdrawal: Unsubscribe from marketing and non-essential communications

To exercise these rights, contact us at info@yrskinclinic.ie.

 

8. Cookies and Consent Management

We use specialised treatment service cookie categories:

Essential Cookies (Always Active):

    • Website functionality and security features
    • Client session management and account access
    • Booking system functionality and appointment scheduling
    • Shopping cart functionality for product purchases (where applicable)
    • Payment processing and transaction security

Analytics and Performance Cookies (With Consent):

    • Website usage insights and performance tracking
    • Service optimisation and treatment improvement initiatives
    • Client journey mapping and booking behaviour analysis
    • Appointment scheduling patterns and clinic efficiency
    • Product performance and inventory tracking (where applicable)

Marketing and Personalisation Cookies (With Consent):

    • Personalised treatment and skincare product recommendations
    • Client segmentation for targeted communications
    • Social media integration and sharing features
    • Retargeting campaigns for beauty services and products
    • Treatment reminder and follow-up systems

Communication Cookies (With Consent):

    • Client support integration and live chat functionality
    • Communication preference management systems
    • Treatment follow-up and feedback collection
    • Appointment reminder and notification systems

 

9. Updates to This Policy

We may update this Privacy Policy to reflect changes in beauty therapy practices or applicable laws. Updates will be posted on this page with a revised “Last Updated” date. Continued use of our services constitutes acceptance of the revised policy.

 

10. Contact Information

For privacy-related enquiries or to exercise your data protection rights:

    • Email: info@yrskinclinic.ie
    • Data Protection Authority: You may also contact the Irish Data Protection Commission if you have concerns about our data handling practises.