Privacy Policy

Beautilash ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website or use our services.

We are based in the United Kingdom and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

When you book an appointment, we may collect:

• Your name and contact details (phone number, email address)
• Relevant medical information for patch tests and consultations
• Treatment history and preferences
• Payment information (processed securely via bank transfer)

We only collect information that is necessary to provide our services safely and effectively.

We use Cloudflare Web Analytics to understand how visitors use our website. This service is designed with privacy in mind:

• No cookies: Cloudflare Web Analytics does not use cookies or any form of local storage
• No cross-site tracking: Your browsing activity is not tracked across different websites
• Privacy-first: The service collects only aggregated, anonymous metrics about page views and visits
• GDPR compliant: Cloudflare acts as a data processor and does not sell or share personal data

Because we do not use tracking cookies, you will not see a cookie consent banner on our website for analytics purposes.

We use the information you provide to:

• Schedule and manage your appointments
• Provide safe and personalised treatments
• Contact you about your bookings or any changes
• Maintain accurate treatment records
• Process payments

We will never sell your personal information to third parties or use it for marketing purposes without your explicit consent.

Your personal information is stored securely and only accessible to authorised personnel. We take appropriate technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction.

We retain client records for as long as necessary to provide our services and comply with legal obligations. Medical records related to treatments are kept in accordance with professional guidelines.

Under UK data protection law, you have the right to:

• Access: Request a copy of the personal information we hold about you
• Rectification: Ask us to correct any inaccurate information
• Erasure: Request deletion of your personal data (subject to legal requirements)
• Restriction: Ask us to limit how we use your data
• Portability: Request your data in a portable format
• Object: Object to certain types of processing

To exercise any of these rights, please contact us using the details below.

We may share your information with third parties only when necessary to provide our services, such as:

• Payment processors (for secure payment handling)
• Website hosting providers (Cloudflare)

All third parties we work with are required to handle your data securely and in compliance with applicable data protection laws.

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date.

Last updated: February 2026