Privacy Policy — Blue Bird Aesthetics

Last updated: March 2026

1. Who We Are

Blue Bird Aesthetics (“we”, “us”, “our”) is the data controller responsible for your personal information.

Blue Bird Aesthetics Ltd 4 Warwick Lane, Worthing, BN11 3DP Email: drhalliday@bluebirdaesthetics.co.uk Phone: 07860 159 790

We are registered with the Information Commissioner’s Office (ICO). ICO Registration Number: ZB922138.

We are committed to handling your personal data safely, lawfully, and transparently.

2. The Information We Collect

We collect personal data so we can provide safe, effective, doctor‑led aesthetic treatments. This may include:

  • Identity and contact details
  • Medical history, medications, allergies, treatment notes, photographs
  • Appointment and consultation information
  • Payment information (processed securely by third‑party providers)
  • Website enquiry data, IP address, usage data, cookies (see separate Cookie Policy)

Medical information is classified as special category data under UK GDPR and is protected with enhanced safeguards.

3. How We Collect Your Data

We collect data when you:

  • Book an appointment or consultation
  • Complete medical or consent forms
  • Contact us by email, phone, WhatsApp or via our website
  • Visit our website
  • Engage with us on social media
  • Leave reviews or feedback

4. Why We Use Your Data

We process your data to:

  • Provide safe, personalised aesthetic treatments
  • Assess suitability for treatment
  • Maintain accurate medical records
  • Manage appointments and communication
  • Process payments and invoices
  • Meet legal, regulatory, and insurance obligations
  • Improve our services
  • Send marketing communications (only with your consent)

Marketing communications are sent in accordance with the Privacy and Electronic Communications Regulations (PECR).

5. Our Legal Basis for Processing

We process your personal data under:

  • Consent
  • Contract
  • Legal obligation
  • Legitimate interests

For medical information (special category data), we rely on:

  • Article 9(2)(h) — provision of health or social care
  • Article 9(2)(a) — explicit consent (where required)

6. How Long We Keep Your Data

We retain personal data only for as long as necessary:

  • Medical and treatment records: 10 years
  • Records relating to under‑18s: retained in accordance with safeguarding guidance
  • Marketing data: until consent is withdrawn
  • Website enquiries: up to 12 months
  • Financial records: 6 years

After these periods, data is securely deleted or anonymised.

7. Who We Share Your Data With

We only share your data with trusted third parties who support our services, including:

  • Website hosting and IT providers
  • Email and communication platforms
  • Payment processors
  • Booking platforms (e.g., Glowday)
  • Cloud storage providers
  • Regulatory bodies or law enforcement (where legally required)

All third‑party providers are contractually required to process data securely and in accordance with UK GDPR. We never sell your data.

8. International Transfers

Your data is stored and processed within the UK wherever possible. Where data is transferred outside the UK, we ensure appropriate safeguards are in place, including:

  • UK adequacy regulations
  • Standard Contractual Clauses (SCCs)

9. Cookies

Our website uses cookies for functionality, analytics, and performance. Full details are provided in our separate Cookie Policy, where you can manage your preferences.

10. Children’s Data

We provide aesthetic treatments only to clients aged 18 and over. Where select treatments (such as cryotherapy) are provided to under‑18s, parental responsibility is verified, and records are retained in accordance with safeguarding guidance.

11. Automated Decision‑Making

We do not use automated decision‑making or profiling. All treatments are tailored following a full medical consultation with Dr Amber Halliday.

12. Your Rights

Under UK GDPR, you have the right to:

  • Be informed
  • Access your data
  • Correct inaccurate data
  • Request deletion (where appropriate)
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent
  • Complain to the ICO

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO): www.ico.org.uk | 0303 123 1113

To exercise your rights, contact: drhalliday@bluebirdaesthetics.co.uk

13. Data Security and Breach Notification

We use appropriate technical and organisational measures to protect your data.

In the unlikely event of a personal data breach, we will:

  • Assess the risk
  • Notify the ICO where legally required
  • Notify affected individuals where there is a high risk to their rights or freedoms

14. Updates to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website.

Blue Bird Aesthetics

Doctor‑led medical aesthetics clinic in Worthing, West Sussex. Focused on natural results, patient safety and clinical excellence.

Quick Links

HOME Treatments About How to Book

Contact

4 Warwick Lane, Worthing,
BN11 3DP

07860 159 790