1. Important information and who we are
Gentle Human T/A SkinBestie is the controller and responsible for your personal data (referred to as "SkinBestie", "we", "us" or "our"). We are registered in England and Wales under company number 14448690 and have our registered office at Huckletree (Priory House) Limited, 6 Wrights Lane, London, W8 6TA.
At SkinBestie, we are committed to protecting and respecting your privacy. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, use, and safeguard your personal data when you use our virtual skin coaching services and website. Please note that we are not medical professionals, and our services do not constitute medical advice.
When we collect and process your personal data, we are subject to the UK General Data Protection Regulation (UK GDPR). We are also subject to the EU General Data Protection Regulation (EU GDPR) in relation to any services we provide to individuals in the European Economic Area (EEA). You can find more information about your rights under UK data protection law, and how to exercise them, in Section 9 (Your rights under UK data protection law) below.
Privacy Policy
This privacy policy gives you information about how SkinBestie collects and uses your personal data through your use of this website, including any data you may provide when you register with us, sign up to our marketing communications, use our virtual skin coaching services, purchase a product or service, or take part in a competition.
Meaning of personal data
Personal data means any information relating to an identified or identifiable individual (known as the data subject). Personal data includes information irrespective of how it is stored. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data. Common examples of personal data include an individual's name, address, contact information, photograph, IP address and information about the individual such as their age or employment status.
Special category personal data means personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership, genetic and biometric data (when processed to uniquely identify an individual), or data concerning health, sex life or sexual orientation.
2. Information we collect
We may collect, use, store, and transfer the following types of personal data:
- Identity Data: Name, username, date of birth, gender.
- Contact Data: Email address, telephone number, home address.
- Skin Information: Details related to your skin concerns, skincare routine, photos of your skin (if voluntarily provided), and any relevant lifestyle information.
- Coaching Call Data: Notes from your coaching sessions and, where applicable, audio and video recordings of your Coaching Class.
- Technical Data: IP address, browser type, time zone settings, and usage data.
- Profile Data: Includes your account password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
- Financial Data: Payment card details or other financial information necessary to process payments.
- Marketing and Communications Data: Includes your preferences in receiving marketing from us and our third parties and information from your interactions with us via emails, messages, and consultations.
The above list is not exhaustive, and SkinBestie may also collect and process other personal data to the extent that this is considered necessary for providing our services or compliance with legal requirements.
If you do not provide personal data we ask for where it is requested (for example, at point of sale), it may delay or prevent us from providing services to you.
We also collect, use and share aggregated data such as statistical or demographic data which is not personal data as it does not directly (or indirectly) reveal your identity. For example, we may aggregate individuals' Usage Data to calculate the percentage of users accessing a specific website feature in order to analyse general trends in how users are interacting with our website to help improve the website and our service offering.
Special categories of personal data we collect about you
The processing of special categories of personal data (or 'sensitive personal data') is limited to data made public by you or a third party on your behalf, or where you have given us consent to use such information. For example, we may need to understand certain health-related conditions when asking you to fill out an online form or handling a query or complaint made by you. We will always check such requirements with you, and you only need to provide the information you are comfortable with us using.
3. How is your personal data collected?
We might collect or receive personal data from you in a number of ways, including via our website and forms. Sometimes you give this to us directly (e.g. when you create an account, when you contact us, when you purchase from our website), sometimes we collect it (e.g. using cookies to understand how you use our websites and apps) or sometimes we receive your personal data from other third parties or publicly available sources.
4. How we use your personal data
Legal Basis for Processing
We process your personal data on the following legal bases:
- Consent: Where you have explicitly provided consent for us to collect and process specific information, such as skin details or marketing communications.
- Contractual Necessity: When processing is necessary to fulfil the service you have requested (e.g., virtual consultations).
- Legal Obligations: When processing is necessary to comply with legal requirements.
- Legitimate Interests: For our legitimate interests in improving our services and managing customer relationships, provided that your fundamental rights do not override these interests.
Purposes for which we will use your personal data
We will only use your personal data where the law allows us to do so. Typical uses of your data include:
- Providing Virtual Skin Coaching Services: To conduct virtual skin consultations and offer personalised skincare guidance.
- Customer Support: To respond to inquiries, manage appointments, and resolve issues.
- Account management, subscriptions and billing: To create and manage your account, process payments, manage your Subscription (including renewals, upgrades, downgrades and cancellations), and send you service-related communications such as booking confirmations and renewal notices.
- Marketing Communications: To send updates, promotional content, and relevant skincare information (only if you have provided consent).
- Service Improvement: To analyse trends and improve the quality of our services.
- Legal Compliance: To comply with legal obligations such as tax or regulatory reporting.
Direct marketing
During the account creation process on our website when your personal data is collected, you will be asked to indicate your preferences for receiving direct marketing communications from SkinBestie via email or SMS.
We may also analyse your Identity, Contact, Technical, Usage and Profile Data to form a view of which products, services and offers may be of interest to you so that we can then send you relevant marketing communications.
Third-party marketing
We will get your express consent before we share your personal data with any third party for their own direct marketing purposes.
Opting out of marketing
You can ask us to stop sending you marketing communications at any time by following the opt-out links within any marketing communication sent to you or by contacting us at privacy@skinbestie.co. If you opt out of receiving marketing communications, you will still receive service-related communications that are essential for administrative or customer service purposes, for example relating to order confirmations, updates to our Terms and Conditions, or checking that your contact details are correct.
6. International data transfers
In some instances, your data may be transferred to and processed in countries outside the UK or European Economic Area (EEA) that have laws that do not provide the same level of data protection as UK law. Under data protection law, we can only transfer your personal data to a country or international organisation outside the UK/EEA where:
- the UK government (or, where the EU GDPR applies, the European Commission) has decided the particular country or international organisation ensures an adequate level of protection of personal data (known as an 'adequacy decision');
- there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for data subjects; or
- a specific exception applies under data protection law.
7. Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
8. Data Retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including any legal, accounting, or reporting requirements. When it is no longer needed, we will securely delete or anonymise your data. For example, we usually retain recordings of Coaching Calls for up to 90 days, unless we need to keep them longer for legal, regulatory or dispute-resolution purposes.
9. Your rights under UK data protection law
If you are in the United Kingdom, the UK General Data Protection Regulation and the Data Protection Act 2018 give you certain rights in relation to your personal data. In particular, you have the right to:
- Access the personal data we hold about you and request a copy of it.
- Rectification – ask us to correct inaccurate or incomplete personal data.
- Erasure – ask us to delete your personal data in certain circumstances (sometimes called the "right to be forgotten").
- Restriction – ask us to restrict the way we use your personal data in certain circumstances.
- Objection – object to our use of your personal data where we rely on our legitimate interests, including for direct marketing.
- Data portability – ask us to provide your personal data in a structured, commonly used and machine-readable format, or to transmit it to another organisation where this is technically feasible and the legal conditions are met.
- Withdraw consent – withdraw your consent at any time where we rely on consent to process your personal data (for example, for certain types of marketing).
To exercise any of these rights, or to ask a question about how we handle your personal data, please email us at privacy@skinbestie.co. To help us locate your information, please include the email address you use with SkinBestie and any relevant details (for example, order numbers, booking references or your account username). We may ask you for reasonable additional information to confirm your identity before we respond to your request.
We aim to respond to all valid requests within one month. If your request is particularly complex or you have made a number of requests, we may take longer. If this happens, we will let you know and keep you updated.
If you are based in the European Economic Area (EEA), you may also have similar rights under the EU GDPR. You can contact us at privacy@skinbestie.co and we will handle your request in line with the data protection laws that apply to you.
You also have the right to raise a concern with your local data protection authority at any time. In the UK, this is the Information Commissioner's Office (ICO). However, we would appreciate the chance to deal with your concerns first, so please consider contacting us at privacy@skinbestie.co before you contact a regulator.
11. Children's privacy
Our services are not directed at children under the age of 18, and we do not knowingly collect personal data from children. If you believe that we have unintentionally collected data from a child, please contact us, and we will take steps to delete such data.
12. Changes to this Privacy Policy
We may update this privacy policy from time to time in response to legal, technical, or business changes. Any updates will be reflected by revising the "Last Updated" date at the top of this policy. You are encouraged to review this policy periodically.
13. Contact Information
If you have any questions or concerns about this privacy policy or our data practices, please contact us at privacy@skinbestie.co.
When contacting us about your personal data, please use the email address associated with your SkinBestie account if possible, and include any relevant details (such as order numbers or booking references) so that we can identify you and respond more quickly.
Further information about your rights, including your right to raise a concern with the UK Information Commissioner's Office (ICO), is set out in Section 9 (Your rights under UK data protection law).
14. Third party links
This website may include links to third-party websites, plug-ins and applications when sending you your personal routine. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.