Privacy Policy

Last updated: March 2026

Your privacy matters. Here is how we handle your information.

Who We Are

This privacy policy applies to Dr. Malak Ziad Al Qaimari and our aesthetic dermatology clinic based at MyAesthetics Manchester. We are committed to protecting your personal data and complying with the UK General Data Protection Regulation (GDPR).

What Data We Collect

  • Contact Information: Name, email address, phone number
  • Treatment Preferences: Treatment interests, aesthetic goals, medical history relevant to treatments
  • Booking Data: Appointment dates, times, and treatment details
  • Communication Records: Messages via WhatsApp, email, or contact forms
  • Medical Information: Consultation notes, consent forms, treatment records (where applicable)
  • Feedback: Testimonials, reviews, or patient feedback (with consent)

How We Use Your Data

  • Providing Services: Processing bookings, delivering treatments, and managing your care
  • Communication: Responding to enquiries, appointment reminders, and aftercare guidance
  • Medical Purposes: Maintaining medical records as required by UK law and best practice standards
  • Legal Obligations: Complying with health and safety regulations, and maintaining required documentation
  • Marketing (with consent): Sending newsletters, updates, and special offers only if you have opted in
  • Improving Our Services: Analyzing feedback to enhance our treatments and patient experience

Legal Basis for Processing

We process your data under the following legal bases (GDPR Article 6): Consent for marketing communications; Contract Performance to fulfill your booking and treatment agreement; Legal Obligation to maintain medical records as required by UK law; and Legitimate Interests to improve our services and prevent fraud.

Data Sharing

We do not sell your data to third parties. We may share your data with Fresha (Booking Platform) for managing appointments; Email Service Providers for sending newsletters (with your consent); Healthcare Professionals if medically necessary and with your consent; and Legal/Regulatory Bodies when required by law. All third-party processors are carefully selected and required to maintain strict data protection standards.

Data Retention

Medical Records are retained for 10 years after last treatment, as required by UK medical law. Marketing Data is retained until you withdraw consent and is automatically deleted after 2 years of inactivity. Booking Data is retained for 7 years for accounting and regulatory purposes. Communication Records are deleted after 1 year unless we are legally required to retain them.

Your Data Rights (GDPR)

  • Right of Access: Request a copy of your data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data (subject to legal obligations)
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Opt out of marketing or specific processing activities

How to Contact Us

If you have questions about this privacy policy or wish to exercise your data rights, please contact Dr. Malak at the clinic address provided on this website or email us at hello@bydoctormalak.com.

GDPR Compliance Statement

We are committed to protecting your personal data and complying with the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018. This privacy policy outlines how we collect, use, store, and protect your information. If you have any concerns about our data practices, please contact our data protection officer or the Information Commissioner's Office (ICO).