Last Updated: 26/03/2025

1. INTRODUCTION

Welcome to Dimond Health & Aesthetic Clinic (“we,” “our,” or “us”). We respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://dimondclinic.co.uk/ or use our services.

Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the site or use our services.

2. INFORMATION WE COLLECT

2.1 Personal Information You Provide

We may collect personal information that you voluntarily provide to us when you:

• Book an appointment
• Register as a patient
• Complete medical history forms
• Request information about our services
• Contact our clinic
• Provide feedback about our services

This information may include:

• Name
• Email address
• Postal address
• Phone number
• Date of birth
• NHS number (where applicable)
• Medical history and health information
• Insurance details (if applicable)
• Payment information
• Emergency contact details

2.2 Information Automatically Collected

When you visit our website or use our services, we may automatically collect certain information, including:

• IP address
• Browser type
• Operating system
• Device information
• Usage data
• Cookies and similar technologies

3. HOW WE USE YOUR INFORMATION

We may use the information we collect for various purposes, including to:

• Provide healthcare services and treatment
• Manage your patient records
• Schedule and remind you about appointments
• Process payments for services
• Communicate with other healthcare professionals involved in your care
• Respond to your enquiries and requests
• Send you important information about your care
• Monitor and improve our services
• Conduct clinical audits and quality assurance
• Comply with legal and regulatory obligations including NHS requirements
• Train staff and healthcare professionals (using anonymised data where possible)
• Contact you about services that may be of interest (only with your consent)

4. DISCLOSURE OF YOUR INFORMATION

As a healthcare provider, we take confidentiality extremely seriously. We may share your personal information only in the following situations:

• With other healthcare professionals directly involved in your care
• With NHS services when necessary for your treatment
• With third-party service providers who process data on our behalf (such as secure payment processors or appointment scheduling services)
• With your private medical insurance provider, if applicable
• To comply with legal obligations, court orders, or legal proceedings
• To protect your vital interests or those of another person
• With your explicit consent or at your direction
• In connection with a business transaction such as a merger or sale of assets, subject to confidentiality agreements

5. YOUR PRIVACY RIGHTS

Depending on your location, you may have certain rights regarding your personal information, which may include:

• Right to access your personal information
• Right to correct inaccurate or incomplete information
• Right to delete your personal information
• Right to restrict processing of your personal information
• Right to data portability
• Right to object to processing of your personal information
• Right to withdraw consent

To exercise these rights, please contact us using the information provided in the “Contact Us” section below.

6. DATA SECURITY

We implement appropriate technical and organizational measures to protect the security of your personal information. However, please be aware that no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

7. DATA RETENTION

As a healthcare provider, we are required to maintain patient records for specific periods in accordance with NHS guidelines and UK law.

Adult health records are typically retained for a minimum of 8 years after your last treatment or contact with our clinic. For patients under 18, records are kept until their 25th birthday, or 8 years after their last treatment, whichever is longer.

After these retention periods, your records will be securely destroyed unless there is a legitimate reason to retain them longer (such as ongoing legal proceedings or continued relevance to your healthcare).

8. CHILDREN’S PRIVACY

Our services are not intended for children under the age of 13, and we do not knowingly collect personal information from children under 13. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information.

9. THIRD-PARTY WEBSITES

Our website may contain links to third-party websites and services. This Privacy Policy does not apply to such third-party websites and services, and we are not responsible for their privacy statements or practices.

10. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated “Last Updated” date. We encourage you to review this Privacy Policy frequently to stay informed about how we are protecting your information.

11. CONTACT US

If you have questions or comments about this Privacy Policy, please contact us at:

Dimond Health & Aesthetic Clinic
319 Sandbanks Rd, Lilliput
Poole BH14 8LH
info@dimondclinic.co.uk
01202 929220

12. INTERNATIONAL TRANSFERS

If you are located outside the United Kingdom, your information may be transferred to, stored, and processed in the UK where our servers are located. By submitting your information, you consent to this transfer, storing, or processing.

13. UK DATA PROTECTION RIGHTS

As a UK-based healthcare provider, we comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We serve as the data controller of your information. The legal basis for collecting and using your personal information depends on the specific information concerned and the context in which it is collected.

13.1 Lawful Basis for Processing

We process your personal data on the following lawful bases:

• Consent: Where you have given clear consent for us to process your personal data for a specific purpose
• Contract: The processing is necessary for a contract we have with you
• Legal obligation: The processing is necessary for us to comply with the law
• Vital interests: The processing is necessary to protect someone’s life
• Public task: The processing is necessary for us to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law
• Legitimate interests: The processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those legitimate interests

13.2 Healthcare Data

As a healthcare provider, we collect and process special category data including health information. We take additional measures to protect this sensitive information and only process it when:

• You have given explicit consent
• Processing is necessary for medical diagnosis, the provision of health treatment, or the management of health systems
• Processing is necessary to protect your vital interests or those of another person where you are physically or legally incapable of giving consent

13.3 NHS Data Sharing

Where applicable, we may share your information with NHS services in accordance with NHS information governance requirements and only when necessary for your care or when legally required.

14. COOKIE POLICY

Our website uses cookies to enhance your browsing experience. You can adjust your browser settings to refuse cookies or alert you when cookies are being sent. Please refer to our separate Cookie Policy for more information.