As part of our privacy policy, any information shared with Rose Gold Aesthetics Ltd is inline with ICO Data protection. We ensure that all personal information including email addresses and contact details will NOT be shared or disclosed in any way, with any other party. Information and data collected online through this website or otherwise supplied to Rose Gold Aesthetics Ltd, will only be used for its intended purpose. No information will be given by Rose Gold Aesthetics Ltd to any third parties or agencies. No personal information will be stored on this website. All and any data received from applicants will be deleted when they are no longer required. All treatments carried out at our clinic are strictly private and confidential. We confirm that where you give us your confidential information, we shall at all times keep it confidential. Except as required by law or as provided for in regulatory, ethical or other professional pronouncements applicable to your appointment. We take the clients confidentiality very seriously, and this applies to all our clients whether celebrity status or not.
This policy (together with our terms of use and any other documents referred to therein) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. We may collect and process the following data about you: Information that you provide by filling in an enquiry form on our site. We will use this information to send answers to your enquiries only. This will be stored: on our email system. You have the right to withdraw consent at any time by asking us to delete these emails. If you contact us by email, we will keep a record of that correspondence. This will be stored on our email database. You have the right to withdraw consent at any time by asking us to delete these mails.
Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. See our cookie policy for more information.
The data that we collect from you may be transferred to, and stored at, a destination outside the European Union (“EU”). It may also be processed by staff operating outside the EU who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We use information held about you in the following ways: To reply to your enquiries. To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes. To allow you to participate in interactive features of our service, when you choose to do so. If you are an existing customer, we will contact you by phone, e-mail or SMS with information about goods and services like those which were the subject of a previous sale to you. You have the right to withdraw consent at any time. We may disclose your personal information to members of our company, which means our parent company, its subsidiaries and colleagues where appropriate. You have the right to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us using our usual methods. Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
The General Data Protection Regulation is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
Superseding the Data Protection Directive 95/46/EC, the regulation contains provisions and requirements pertaining to the processing of personally identifiable information of individuals (formally called data subjects in the GDPR) inside the European Union, and applies to all enterprises, regardless of location, that are doing business with the European Economic Area. Business processes that handle personal data must be built with data protection by design and by default, meaning that personal data must be stored using pseudonymisation or full anonymisation, and use the highest-possible privacy settings by default, so that the data is not available publicly without explicit consent, and cannot be used to identify a subject without additional information stored separately. No personal data may be processed unless it is done under a lawful basis specified by the regulation, or if the data controller or processor has received explicit, opt-in consent from the data subject. The data subject has the right to revoke this permission at any time.
A processor of personal data must clearly disclose any data collection, declare the lawful basis and purpose for data processing, how long data is being retained, and if it is being shared with any third-parties or outside of the EU. Data subjects have the right to request a portable copy of the data collected by a processor in a common format, and the right to have their data erased under certain circumstances. Public authorities, and businesses whose core activities centre around regular or systematic processing of personal data, are required to employ a data protection officer (DPO), who is responsible for managing compliance with the GDPR. Businesses must report any data breaches within 72 hours if they have an adverse effect on user privacy.