Privacy Policy for Medi Glow Aesthetics & Health

Effective Date: 10 December 2024
Last Updated: 10 March 2026

Medi Glow Aesthetics & Health ("Medi Glow", "we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our services, visit our website, or communicate with us.

This policy is designed in accordance with the UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018.

  1. Data Controller

Medi Glow Aesthetics & Health is the Data Controller responsible for your personal data.

Contact Details
Medi Glow Aesthetics & Health
The Glen Clinic
Thornliebank
Glasgow
G46 8NG

Email: info@medi-glow.co.uk
Phone: 07383 895761
Website: www.medi-glow.co.uk

  1. Information We Collect

We may collect and process the following types of personal data:

Personal Identification Information

  • Name
  • Date of birth
  • Address
  • Phone number
  • Email address

Medical Information (Special Category Data)

As a healthcare provider we may collect health information necessary for safe treatment, including:

  • Medical history
  • Medication history
  • Allergies
  • Treatment records
  • Photographs for clinical assessment and treatment monitoring

Payment Information

  • Billing information
  • Payment transaction details

(Note: Full payment card details are processed securely through payment providers.)

Website Usage Information

When you visit our website we may collect:

  • IP address
  • Browser type
  • Pages visited
  • Device information
  • Cookie data

  1. Lawful Basis for Processing Your Data

Under UK GDPR, we must have a lawful basis to process your data.

We rely on the following lawful bases:

Contractual Obligation

To provide treatments, consultations, and appointments.

Legal Obligation

To comply with medical, tax, insurance, and regulatory requirements.

Legitimate Interests

To improve our services, manage our clinic, and communicate with clients.

Consent

For:

  • Marketing communications
  • Use of before/after images
  • Certain health data processing

You may withdraw consent at any time.

Provision of Healthcare

Processing health data is necessary for medical diagnosis, provision of healthcare, and treatment.

  1. How We Use Your Information

We use your personal information to:

  • Provide consultations and treatments
  • Maintain accurate medical records
  • Manage appointments and bookings
  • Communicate with you regarding treatments
  • Respond to enquiries
  • Process payments
  • Improve our services
  • Send marketing communications (if consented)
  • Meet regulatory and legal obligations

  1. Sharing Your Information

We do not sell or trade your personal data.

Your information may be shared with:

Healthcare Professionals

Where necessary for your treatment or referral.

Service Providers

Trusted third parties who assist us with:

  • Payment processing
  • Clinic management systems
  • IT support
  • Marketing systems
  • Website hosting

All service providers are required to protect your data.

Legal Authorities

Where required to comply with law, court orders, or regulatory bodies.

  1. Data Security

We implement appropriate technical and organisational security measures including:

  • Encrypted systems
  • Secure servers
  • Password-protected systems
  • Restricted staff access
  • Staff confidentiality agreements

These measures protect your data against unauthorised access, loss, misuse, or disclosure.

  1. Data Retention

We retain personal data only as long as necessary for the purposes it was collected.

Healthcare records may be retained in line with medical record keeping requirements, which can be up to 8 years or longer where required.

When data is no longer required, it will be securely deleted or anonymised.

  1. Your Rights Under UK Data Protection Law

Under UK GDPR and the Data Protection Act 2018, you have the following rights:

Right to Access

Request a copy of your personal data.

Right to Rectification

Request correction of inaccurate information.

Right to Erasure

Request deletion of your data where appropriate.

Right to Restrict Processing

Request limitation on how we process your data.

Right to Data Portability

Request transfer of your data to another provider.

Right to Object

Object to certain uses of your data, including marketing.

Right to Withdraw Consent

Withdraw consent at any time.

To exercise these rights please contact us at:

info@medi-glow.co.uk

  1. Cookies and Website Tracking

Our website uses cookies to:

  • Improve website functionality
  • Analyse traffic and user behaviour
  • Personalise content

Cookies are small text files stored on your device.

You may control cookies through your browser settings. Disabling cookies may affect website functionality.

For more details please see our Cookie Policy.

  1. Marketing Communications

We may send information about:

  • New treatments
  • Promotions
  • Clinic updates

You will only receive marketing communications if you have opted in.

You can unsubscribe at any time by:

  • Clicking the unsubscribe link in emails
  • Contacting us directly

  1. Complaints

If you are concerned about how we handle your data, please contact us first so we can resolve the issue.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

Information Commissioner's Office

Website: https://ico.org.uk
Helpline: 0303 123 1113

  1. Updates to This Policy

We may update this Privacy Policy from time to time to reflect legal or operational changes.

The latest version will always be available on our website