Last Updated: June 2024

  1. Introduction

Welcome to Dr Johanna Ward’s website. We are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website www.drjohannaward.co.uk (the "Site") and when you use our services. Please read this policy carefully to understand our views and practices regarding your personal data and how we will treat it.

  1. Information We Collect

We may collect and process the following data about you:

2.1 Personal Data

  • Identity Data: Includes first name, last name, username or similar identifier, title, date of birth, and gender.
  • Contact Data: Includes billing address, delivery address, email address, and telephone numbers.
  • Financial Data: Includes bank account and payment card details.
  • Transaction Data: Includes details about payments to and from you and other details of services you have purchased from us.
  • Technical Data: Includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  • Profile Data: Includes your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses.
  • Usage Data: Includes information about how you use our website, products, and services.
  • Marketing and Communications Data: Includes your preferences in receiving marketing from us and your communication preferences.

2.2 Special Categories of Personal Data

We may also collect, store, and use the following "special categories" of more sensitive personal information:

  • Information about your health, including medical history and records, relevant to the aesthetics treatments you are seeking.
  1. How We Collect Your Data

We use different methods to collect data from and about you, including through:

  • Direct Interactions: You may give us your Identity, Contact, and Financial Data by filling in forms or by corresponding with us by post, phone, email, or otherwise. This includes personal data you provide when you:
    • Apply for our services;
    • Create an account on our website;
    • Subscribe to our service or publications;
    • Request marketing to be sent to you;
    • Enter a competition, promotion, or survey;
    • Provide us with feedback or contact us.
  • Automated Technologies or Interactions: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies.

  • Third Parties or Publicly Available Sources: We may receive personal data about you from various third parties and public sources as set out below:
    • Technical Data from the following parties:
      • Analytics providers such as Google based outside the UK;
      • Advertising networks based inside or outside the UK;
      • Search information providers based inside or outside the UK.
    • Contact, Financial, and Transaction Data from providers of technical, payment, and delivery services based inside or outside the UK.
    • Identity and Contact Data from data brokers or aggregators based inside or outside the UK.
    • Identity and Contact Data from publicly available sources such as Companies House and the Electoral Register based inside the UK.
  1. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Performance of Contract: Where we need to perform the contract we are about to enter into or have entered into with you.
  • Legitimate Interest: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Legal or Regulatory Obligation: Where we need to comply with a legal or regulatory obligation.
  • Consent: Where you have given your consent to process your personal data for a specific purpose.
  1. Purposes for Which We Will Use Your Personal Data

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Purpose/Activity

Type of Data

Lawful Basis for Processing Including Basis of Legitimate Interest

To register you as a new customer

Identity, Contact

Performance of a contract with you

To process and deliver your treatment: managing payments, fees, and charges; collecting and recovering money owed to us

Identity, Contact, Financial, Transaction, Marketing and Communications

Performance of a contract with you; Necessary for our legitimate interests (to recover debts due to us)

To manage our relationship with you which will include: notifying you about changes to our terms or privacy policy; asking you to leave a review or take a survey

Identity, Contact, Profile, Marketing and Communications

Performance of a contract with you; Necessary to comply with a legal obligation; Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)

To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data)

Identity, Contact, Technical

Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud, and in the context of a business reorganisation or group restructuring exercise); Necessary to comply with a legal obligation

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

Identity, Contact, Profile, Usage, Marketing and Communications, Technical

Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business, and to inform our marketing strategy)

To use data analytics to improve our website, products/services, marketing, customer relationships, and experiences

Technical, Usage

Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business, and to inform our marketing strategy)

To make suggestions and recommendations to you about goods or services that may be of interest to you

Identity, Contact, Technical, Usage, Profile

Necessary for our legitimate interests (to develop our products/services and grow our business)

  1. Marketing

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. You will receive marketing communications from us if you have requested information from us or purchased services from us and you have not opted out of receiving that marketing.