Privacy Policy

Last Updated: 16th august 2024

At gentle human ltd t/A skin bestie ("we", "us", "our"), we are committed to protecting and respecting your privacy. This privacy policy explains how we collect, use, and safeguard your personal data when you use our virtual skin coaching services and website. Please note that we are not medical professionals, and our services do not constitute medical advice.

1. Information We Collect

We may collect, use, store, and transfer the following types of personal data:

  • Identity Data: Name, username, date of birth, gender.

  • Contact Data: Email address, telephone number, home address.

  • Skin Information: Details related to your skin concerns, skincare routine, photos of your skin (if voluntarily provided), and any relevant lifestyle information.

  • Technical Data: IP address, browser type, time zone settings, and usage data.

  • Financial Data: Payment card details or other financial information necessary to process payments.

  • Communications Data: Information from your interactions with us via emails, messages, and consultations.

2. How We Use Your Personal Data

We will only use your personal data where the law allows us to do so. Typical uses of your data include:

  • Providing Virtual Skin Coaching Services: To conduct virtual skin consultations and offer personalised skincare guidance.

  • Customer Support: To respond to inquiries, manage appointments, and resolve issues.

  • Marketing Communications: To send updates, promotional content, and relevant skincare information (only if you have provided consent).

  • Service Improvement: To analyse trends and improve the quality of our services.

  • Legal Compliance: To comply with legal obligations such as tax or regulatory reporting.

3. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Consent: Where you have explicitly provided consent for us to collect and process specific information, such as skin details or marketing communications.

  • Contractual Necessity: When processing is necessary to fulfil the service you have requested (e.g., virtual consultations).

  • Legal Obligations: When processing is necessary to comply with legal requirements.

  • Legitimate Interests: For our legitimate interests in improving our services and managing customer relationships, provided that your fundamental rights do not override these interests.

4. How We Share Your Information

We respect your privacy and will not sell or trade your personal data. However, we may share your personal data with:

  • Service Providers: Companies providing services such as payment processing, IT services, and customer support on our behalf.

  • Legal Authorities: If required to do so by law or to protect our rights, property, or the safety of others.

  • Business Transfers: In the event of a business merger or sale, your data may be transferred as part of the transaction, but it will remain subject to this policy.

5. International Data Transfers

In some instances, your data may be transferred to and processed in countries outside the UK or European Economic Area (EEA) that may have different data protection laws. Where such transfers occur, we ensure that appropriate safeguards (such as standard contractual clauses) are in place to protect your personal data.

6. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including any legal, accounting, or reporting requirements. When it is no longer needed, we will securely delete or anonymise your data.

7. Your Rights

You have rights regarding your personal data under data protection laws, including:

  • Right to Access: Obtain access to your personal data and request a copy.

  • Right to Rectification: Correct any inaccurate or incomplete data.

  • Right to Erasure: Request that we delete your data under certain circumstances.

  • Right to Restrict Processing: Request a restriction on the processing of your data in certain situations.

  • Right to Data Portability: Request your personal data in a structured, machine-readable format.

  • Right to Object: Object to the processing of your data, including for direct marketing purposes.

  • Right to Withdraw Consent: Withdraw your consent where we are relying on it to process your data.

To exercise any of these rights, please contact us at [Email Address].

8. Cookies

We use cookies and similar technologies on our website to enhance your experience, track usage, and provide personalized services. You can manage your cookie preferences through your browser settings. For more details, please review our Cookie Policy.

9. Security of Your Data

We are committed to securing your personal data and take appropriate measures, including encryption, secure servers, and access controls, to protect your information from unauthorized access, alteration, or disclosure.

10. Children’s Privacy

Our services are not directed at children under the age of 16, and we do not knowingly collect personal data from children. If you believe that we have unintentionally collected data from a child, please contact us, and we will take steps to delete such data.

11. Changes to this Privacy Policy

We may update this privacy policy from time to time in response to legal, technical, or business changes. Any updates will be reflected by revising the "Last Updated" date at the top of this policy. You are encouraged to review this policy periodically.

12. Contact Information

If you have any questions or concerns about this privacy policy or our data practices, please contact us at:

gentle human
innovation centre, knowledge gateway, boundary road, colchester, co4 3zq
team@skinbestie.co

Alternatively, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection, via their website at www.ico.org.uk.

This policy is in compliance with the UK Data Protection Act 2018 and the UK General Data Protection Regulation (GDPR).