top of page
Untitled Project - Website Logo Bold.png

Piyakona Aesthetics and Wellness - Privacy Policy

Last Updated: [29/04/2025]

This Privacy Policy explains how Piyakona Ltd ("Piyakona", "we", "us", or "our") collects, uses, and shares your personal information when you use our website (the "Website") and our online booking system for aesthetics and beauty treatments (the "Services"). This policy also outlines your rights regarding your personal information.

1. Who We Are

Piyakona Ltd is a company registered in the United Kingdom with its registered address at 2 Wimpole Street, London, W1G 0EB. We are the data controller responsible for the personal information we collect and process.

2. Information We Collect

We may collect the following types of personal information from you:

  • Contact Information: Your name, email address, phone number, and postal address.  

  • Booking Information: Details of the Services you book, appointment dates and times, and any specific requests or preferences.  

  • Account Information: If you create an account on our Website, we will collect your username and password.

  • Payment Information: If you make online payments, we collect necessary payment details (although payment processing is often handled by secure third-party providers, and we may not directly store your full card details).

  • Medical and Health Information: During consultations, we may collect information about your medical history, health conditions, allergies, and any medications you are taking to assess your suitability for treatments. This information is treated with the utmost confidentiality.

  • Marketing Preferences: Your preferences for receiving marketing communications from us.

  • Website Usage Data: Information about how you use our Website, including your IP address, browser type, operating system, referring URLs, pages visited, and the dates and times of your visits. This is collected through cookies and similar technologies (see section 7).  

  • Communication Data: Records of any correspondence between you and us, including emails and phone calls.

 

3. How We Collect Your Information

We collect your personal information in the following ways:

  • Directly from you: When you create an account, make a booking, fill out forms on our Website, attend consultations, communicate with us via email or phone, or subscribe to our marketing communications.

  • Automatically: When you browse our Website, we collect website usage data through cookies and similar technologies.

  • From third parties:

    • Google Ads: We may receive anonymized or aggregated data about the effectiveness of our Google Ads marketing campaigns.

    • Email Marketing Platforms: Our email marketing platform may provide us with data about email opens, clicks, and other engagement metrics.

 

4. How We Use Your Information

 

We use your personal information for the following purposes:

  • To provide our Services: To process your bookings, schedule appointments, and provide the treatments you have requested.  

  • To manage your account: To create and manage your account on our Website.

  • To communicate with you: To send booking confirmations, appointment reminders, respond to your enquiries, and provide customer support.

  • For consultations and treatment suitability: To assess your suitability for treatments and provide safe and effective services.

  • For payment processing: To process payments for our Services.

  • For marketing purposes: To send you promotional emails and information about our Services, special offers, and events, where you have consented to receive such communications (see section 6).

  • To improve our Website and Services: To analyze website usage data to understand how users interact with our Website and to improve its functionality and content.

  • For legal and compliance purposes: To comply with applicable laws, regulations, and legal processes.

  • For internal record-keeping: To maintain accurate records of our business operations.

 

5. Legal Basis for Processing Your Information

 

We will only process your personal information when we have a lawful basis for doing so. These bases include:

  • Your consent: Where you have given us explicit consent to process your personal information for a specific purpose (e.g., for marketing communications). You have the right to withdraw your consent at any time (see section 9).

  • Performance of a contract: Where processing is necessary for the performance of a contract with you (e.g., to provide the Services you have booked).

  • Legal obligation: Where processing is necessary for us to comply with a legal obligation.

  • Legitimate interests: Where processing is necessary for our legitimate interests or the legitimate interests of a third party, provided that your interests and fundamental rights do not override those interests. Our legitimate interests include operating our business, providing and improving our Services, and marketing our Services (where we have a legitimate interest to do so).  

  • Vital interests: In rare cases, where processing is necessary to protect your vital interests or those of another person.

  • For the provision of healthcare: When processing health-related data, we do so under the legal basis for the provision of healthcare by a health professional.

 

6. Marketing Communications

 

With your consent, we may send you marketing communications via email about our Services, special offers, and events. You have the right to opt-out of receiving these communications at any time by:

  • Clicking the "unsubscribe" link in any marketing email you receive from us.

  • Contacting us directly using the contact details provided in section 12.  

 

Even if you opt out of marketing communications, we may still send you transactional emails related to your bookings or account.

 

7. Cookies and Similar Technologies

 

Our Website uses cookies and similar technologies to collect information about your browsing activities. Cookies are small text files that are placed on your device when you visit a website. We use cookies for various purposes, including:

 

  • Essential cookies: To enable you to navigate our Website and use its features.  

  • Performance cookies: To collect information about how you use our Website, such as which pages you visit most often. This helps us to improve the functionality of our Website.  

  • Functionality cookies: To remember your preferences (e.g., language settings) and provide enhanced features.

  • Marketing cookies: To track your browsing activity so that we can show you relevant advertisements, including through Google Ads.

 

You can manage your cookie preferences through your browser settings. Most browsers allow you to block or delete cookies. Please note that disabling certain cookies may affect the functionality of our Website.  

 

8. Sharing Your Information

 

We may share your personal information with the following categories of third parties:

  • Service providers: We may engage third-party service providers to assist us with various functions, such as website hosting, payment processing, email marketing, data analysis, and customer support. These providers are contractually obligated to protect your personal information and only process it in accordance with our instructions.  

  • Google: We may share anonymized or aggregated data with Google for the purposes of our Google Ads marketing campaigns.

  • Email marketing platform providers: We share your contact information and marketing preferences with our email marketing platform provider to send you marketing communications (where you have consented).

  • Legal authorities: We may disclose your personal information to legal authorities if required to do so by law or in response to a valid legal request.

  • Business transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal information may be transferred to the acquiring entity.  

  • Our professional advisors: Such as lawyers and accountants, where necessary to obtain professional advice.

 

9. Your Rights

 

Under the General Data Protection Regulation (GDPR) and other applicable data protection laws, you have the following rights regarding your personal information:

  • The right to access: You have the right to request a copy of the personal information we hold about you.  

  • The right to rectification: You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.  

  • The right to erasure ("right to be forgotten"): You have the right to request that we delete your personal information in certain circumstances.  

  • The right to restriction of processing: You have the right to request that we restrict the processing of your personal information in certain circumstances.  

  • The right to data portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit that data to another controller.  

  • The right to object: You have the right to object to the processing of your personal information in certain circumstances, including for direct marketing purposes.  

  • Rights in relation to automated decision-making and profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.  

  • The right to withdraw consent: If we are processing your personal information based on your consent, you have the right to withdraw that consent at any time.  

 

To exercise any of these rights, please contact us using the contact details provided in section 12. We may require you to verify your identity before responding to your request.

 

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

 

10. Data Security

 

We have implemented appropriate technical and organizational measures to protect your personal information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include encryption, secure servers, access controls, and regular security assessments. However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee the absolute security of your personal information.  

 

11. Data Retention

 

We will retain your personal information for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

 

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information, and whether we can achieve those purposes through other means, and the applicable legal requirements.  

Typically, we will retain:

  • Booking information and related communications for [Insert Duration, e.g., 7 years] for legal and accounting purposes.

  • Medical and health information for [Insert Duration, e.g., as required by healthcare regulations].

  • Marketing contact information until you unsubscribe.

  • Website usage data for [Insert Duration, e.g., 13 months] for analytical purposes.

 

12. Contact Us

 

If you have any questions or concerns about this Privacy Policy or our data processing practices, please contact us at:  

Piyakona Aesthetics and Wellness

2 Wimpole Street

London, W1G 0EB

 

Email: [info@piyakona.co.uk]

Phone: [+44(0)207 088 8083]

bottom of page