Privacy policy

Effective Date: 06/10/2025

Last Updated: 06/10/2025

Casaraclinic Ltd. (“we”, “us”, or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy outlines how we collect, use, store, and share your information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our website https://www.casaraclinic.com ("Site"), you agree to the terms of this policy.

1. Who We Are

Casaraclinic Ltd. is an aesthetic injector operating in the United Kingdom.
Our registered address is:

If you have any questions about this Privacy Policy or how we handle your personal data, you can contact us via the contact us section.

2. What Personal Data We Collect

We may collect and process the following categories of personal data:

a. Identity & Contact Information

  • Full name

  • Date of birth

  • Address

  • Phone number

  • Email address

b. Health & Medical Information

  • Medical history

  • Symptoms and treatment records

  • Appointment history

  • Medication details

  • Other information provided in forms or consultations

c. Technical Information

  • IP address

  • Browser type and version

  • Device information

  • Website usage data (e.g. pages visited, time spent)

d. Marketing & Communications Data

  • Your communication preferences

  • Responses to surveys or feedback forms

3. How We Collect Your Data

We collect your data in the following ways:

  • Directly from you (e.g. when you fill in a contact form, book an appointment, or consult with a clinician)

  • Automatically through cookies and analytics tools

4. Legal Bases for Processing

Under UK GDPR, we must have a valid legal reason to process your personal data.
We rely on the following legal bases:

  • Consent – when you have given us clear permission

  • Contract – where processing is necessary to fulfil a contract with you

  • Legal obligation – for compliance with laws or regulations

  • Vital interests – for medical emergencies or safeguarding

  • Legitimate interests – for internal administrative purposes or service improvement (where your rights do not override these)

For special category data (such as health information), we rely on additional conditions, including:

  • Provision of healthcare or treatment

  • Explicit consent

5. How We Use Your Information

We may use your information to:

  • Provide and manage services

  • Schedule and confirm appointments

  • Maintain medical records

  • Communicate with you regarding care or services

  • Respond to enquiries or complaints

  • Improve our services and website

  • Comply with legal and regulatory obligations

6. Sharing Your Data

We may share your data with:

  • Insurance provider

  • Third-party service providers (e.g. IT, hosting, appointment software)

  • Laboratories or referral partners (with your consent)

  • Regulators or legal authorities when required by law

  • Emergency services, if necessary for your safety or health

We ensure all third parties respect the security of your personal data and comply with UK data protection laws.

7. International Data Transfers

Your data is stored within the UK or European Economic Area (EEA). If we ever need to transfer data outside the UK/EEA, we will ensure appropriate safeguards are in place (such as Standard Contractual Clauses) to protect your privacy.

8. Data Security

We take appropriate technical and organisational measures to protect your personal data, including:

  • Encryption and secure storage

  • Access controls for staff and systems

  • Regular audits and staff training

9. Data Retention

We only retain your personal data for as long as necessary to:

  • Fulfil the purposes we collected it for

  • Comply with legal, regulatory, or clinical obligations

10. Your Rights

You have the following rights under UK GDPR:

  • Access – to your personal data

  • Rectification – of incorrect or incomplete data

  • Erasure – to request deletion of your data (in certain cases)

  • Restriction – to limit processing of your data

  • Objection – to processing based on legitimate interests

  • Data Portability – to obtain and reuse your data

  • Withdraw Consent – at any time (where processing is based on consent)

To exercise these rights, contact us via the contact us form.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
https://www.ico.org.uk

11. Cookies and Tracking Technologies

We use cookies to enhance your experience, analyse site traffic, and personalise content. You can manage or disable cookies through your browser settings.

12. Changes to This Privacy Policy

We may update this policy from time to time. All updates will be posted on this page with a revised “Last Updated” date. We encourage you to review this policy periodically.