Our Privacy & Cookie Policy

Dr Hasaneen Al Janabi MBBS (Lond) BSc (Hons) MRCS (ENT) is the data controller for your personal information. You can contact us at:

Address: 54 Vivian Avenue, NW4 3XH, London

Phone: 020 8168 8178

Email: info@drhassclinic.co.uk

3.1 Personal Information

• Name, address, telephone number, email address
• Date of birth and age
• Medical history and health information relevant to treatment
• Photographs for clinical documentation, treatment monitoring, and (if explicitly consented) for marketing purposes
• Payment and billing information
• Emergency contact details

3.2 Website Information

• IP address and browser information
• Cookies and similar tracking technologies
• Pages visited and time spent on our website
• Referral sources

3.3 Communication Records

• Consultation notes and treatment records
• Email correspondence and phone call records
• Appointment scheduling information
• Feedback and survey responses

4.1 Primary Purposes

• Medical Care: Providing aesthetic treatments and medical services
• Appointment Management: Scheduling and managing consultations and treatments
• Treatment Planning: Developing personalised treatment plans
• Health and Safety: Ensuring safe treatment delivery and aftercare
• Legal Compliance: Meeting regulatory and professional obligations

4.2 Secondary Purposes

• Communication: Sending appointment reminders and aftercare information
• Marketing: With your consent, sending newsletters and treatment updates
• Quality Improvement: Analysing service delivery and patient satisfaction
• Website Functionality: Improving user experience and site performance

We process your personal data under the following legal bases:

• Consent: For marketing communications and non-essential photography
• Contract: For providing requested treatments and services
• Legal Obligation: For regulatory compliance and professional standards
• Vital Interests: For medical emergencies or urgent health concerns
• Legitimate Interests: For business operations, fraud prevention, and service improvement

We may share your information with:

6.1 Healthcare Professionals

• Referring doctors or specialists (with your consent)
• Emergency services (if medically necessary)
• Professional advisors for complex cases

6.2 Service Providers

• Appointment booking systems
• Payment processors (secure, encrypted transactions)
• IT support and website maintenance providers
• Professional indemnity insurers

6.3 Legal Requirements

• Regulatory bodies (GMC, CQC) when required
• Law enforcement agencies when legally obligated
• Courts or tribunals when compelled by law

6.4 Sub-processors

We work with trusted third-party service providers who may process your data on our behalf. A full list of current sub-processors is available upon request by contacting info@drhassclinic.co.uk.

We never sell your personal information to third parties.

We implement appropriate technical and organisational measures to protect your personal information:

• Encryption: Sensitive data is encrypted in transit and at rest
• Access Controls: Limited access on a need-to-know basis
• Regular Backups: Secure backup systems with encryption
• Staff Training: All staff members with access to your data are bound by strict confidentiality agreements and receive ongoing training
• Physical Security: Secure premises with controlled access

We retain your personal information for the following periods:

• Medical Records: 8 years from last treatment (adults) or until age 25 (minors)
• Financial Records: 7 years from last transaction
• Marketing Consents: Until withdrawn or 3 years of inactivity
• Website Analytics: 26 months maximum
• CCTV Footage: 30 days (if applicable)

Under UK data protection law, you have the right to:

• Access: Request copies of your personal information
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data (subject to legal obligations)
• Restrict Processing: Limit how we use your information
• Data Portability: Receive your data in a structured format
• Object: Opt out of marketing communications or legitimate interest processing
• Withdraw Consent: Remove consent for specific processing activities

To exercise these rights, contact us at info@drhassclinic.co.uk or 020 8168 8178.

10. Cookies and Website Analytics

Our website uses cookies to improve functionality and user experience. You can manage your cookie preferences through the banner displayed on your first visit or through your browser settings.

10.1 What Are Cookies?

Cookies are small text files that are placed on your device when you visit our website. They help us provide you with a better browsing experience and allow certain features to function properly.

10.2 Types of Cookies We Use

Essential Cookies (Always Active)

These cookies are necessary for the website to function and cannot be switched off in our systems:

• Session Management: Maintains your session as you navigate the site
• Security: Protects against cross-site request forgery attacks
• Load Balancing: Ensures optimal website performance
• Cookie Consent: Remembers your cookie preferences

Analytics Cookies (Optional)

These cookies help us understand how visitors interact with our website:

• Google Analytics: Tracks website usage, page views, and user behaviour
• Performance Monitoring: Identifies technical issues and loading times
• Traffic Sources: Shows how visitors find our website
• Popular Content: Helps us understand which pages are most useful

Data Collected: Page views, time spent on site, bounce rate, geographic location (city level), device type, browser information Retention Period: 26 months maximum Third Parties: Google Analytics

Marketing Cookies (Optional)

These cookies are used for advertising and remarketing purposes:

• Facebook Pixel: Tracks conversions and enables targeted advertising
• Google Ads: Measures ad performance and enables remarketing
• Social Media Integration: Enables sharing and social media features

Data Collected: Pages visited, actions taken, interests, demographics Retention Period: Up to 2 years Third Parties: Meta (Facebook), Google, LinkedIn

Functional Cookies (Optional)

These cookies enhance your experience but are not essential:

• Live Chat: Remembers your chat preferences and history
• Form Completion: Saves partially completed forms
• Language Preferences: Remembers your preferred language
• Accessibility Settings: Maintains your accessibility preferences

10.3 Managing Your Cookie Preferences

Cookie Banner

When you first visit our website, you’ll see a cookie banner allowing you to:

• Accept all cookies
• Reject non-essential cookies
• Customise your preferences
• View detailed information about each cookie type

Browser Settings

You can also manage cookies through your browser settings:

• Chrome: Settings > Privacy and Security > Cookies and other site data
• Firefox: Settings > Privacy & Security > Cookies and Site Data
• Safari: Preferences > Privacy > Cookies and website data
• Edge: Settings > Cookies and site permissions

Opt-Out Links

You can opt out of specific tracking services:

• Google Analytics: Google Analytics Opt-out
• Facebook Pixel: Facebook Ad Preferences
• Google Ads: Google Ad Settings

10.4 Impact of Disabling Cookies

If you disable cookies, you may experience:

• Reduced website functionality
• Inability to remember your preferences
• Need to re-enter information on each visit
• Less personalised experience

Essential cookies cannot be disabled as they are necessary for the website to function properly.

10.5 Third-Party Cookies

Some cookies are set by third-party services that appear on our pages:

• Google Analytics: Web analytics service
• Facebook Pixel: Social media and advertising platform
• YouTube: Video content (if embedded)
• Google Maps: Location services (if embedded)

These third parties have their own privacy policies and cookie policies, which we recommend you review.

10.6 Cookie Updates

We may update our cookie usage from time to time. When we make significant changes, we will:

• Update this policy
• Notify you through our website
• Request fresh consent where required

Some of our service providers may process data outside the UK. When this occurs, we ensure adequate protection through:

• Adequacy Decisions: Transfers to countries with adequate protection
• Standard Contractual Clauses: EU-approved data transfer agreements
• Binding Corporate Rules: For multinational service providers

We do not knowingly collect personal information from children under 16 without parental consent. If you believe we have collected information from a child inappropriately, please contact us immediately.

We may update this Privacy Policy periodically. Significant changes will be communicated through:

• Website notifications
• Email alerts (for registered users)
• Direct communication for material changes affecting your rights

If you have concerns about how we handle your personal information, please contact us first. If you remain unsatisfied, you can lodge a complaint with:

Information Commissioner’s Office (ICO)

Website: ico.org.uk

Phone: 0303 123 1113

Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

For any privacy-related questions or to exercise your rights:

Dr Hass Clinic

Address: 54 Vivian Avenue, NW4 3XH, London

Phone: 020 8168 8178

Email: info@drhassclinic.co.uk

Website: https://drhassclinic.co.uk