SkinBestie Logo

Privacy Policy

Last Updated: October 2025

1. Important information and who we are

Gentle Human T/A SkinBestie is the controller and responsible for your personal data (referred to as "SkinBestie", "we", "us" or "our"). We are registered in England and Wales under company number 14448690 and have our registered office at Huckletree (Priory House) Limited, 6 Wrights Lane, London, W8 6TA.

At SkinBestie, we are committed to protecting and respecting your privacy. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, use, and safeguard your personal data when you use our virtual skin coaching services and website. Please note that we are not medical professionals, and our services do not constitute medical advice.

When we collect and process your personal data, we are subject to the UK General Data Protection Regulation (UK GDPR). We are also subject to the EU General Data Protection Regulation (EU GDPR) in relation to any services we provide to individuals in the European Economic Area (EEA).

This privacy policy gives you information about how SkinBestie collects and uses your personal data through your use of this website, including any data you may provide when you register with us, sign up to our marketing communications, use our virtual skin coaching services, purchase a product or service, or take part in a competition.

2. Information we collect

We may collect, use, store, and transfer the following types of personal data:

  • Identity Data: Name, username, date of birth, gender.
  • Contact Data: Email address, telephone number, home address.
  • Skin Information: Details related to your skin concerns, skincare routine, photos of your skin (if voluntarily provided), and any relevant lifestyle information.
  • Technical Data: IP address, browser type, time zone settings, and usage data.
  • Profile Data: Includes your account password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
  • Financial Data: Payment card details or other financial information necessary to process payments.
  • Marketing and Communications Data: Includes your preferences in receiving marketing from us and our third parties and information from your interactions with us via emails, messages, and consultations.

If you do not provide personal data we ask for where it is requested (for example, at point of sale), it may delay or prevent us from providing services to you.

Special categories of personal data we collect about you

The processing of special categories of personal data (or 'sensitive personal data') is limited to data made public by you or a third party on your behalf, or where you have given us consent to use such information. For example, we may need to understand certain health-related conditions when asking you to fill out an online form or handling a query or complaint made by you. We will always check such requirements with you, and you only need to provide the information you are comfortable with us using.

3. How is your personal data collected?

We might collect or receive personal data from you in a number of ways, including via our website and forms. Sometimes you give this to us directly (e.g. when you create an account, when you contact us, when you purchase from our website), sometimes we collect it (e.g. using cookies to understand how you use our websites and apps) or sometimes we receive your personal data from other third parties or publicly available sources.

4. How we use your personal data

Legal Basis for Processing

We process your personal data on the following legal bases:

  • Consent: Where you have explicitly provided consent for us to collect and process specific information, such as skin details or marketing communications.
  • Contractual Necessity: When processing is necessary to fulfil the service you have requested (e.g., virtual consultations).
  • Legal Obligations: When processing is necessary to comply with legal requirements.
  • Legitimate Interests: For our legitimate interests in improving our services and managing customer relationships, provided that your fundamental rights do not override these interests.

Purposes for which we will use your personal data

We will only use your personal data where the law allows us to do so. Typical uses of your data include:

  • Providing Virtual Skin Coaching Services: To conduct virtual skin consultations and offer personalised skincare guidance.
  • Customer Support: To respond to inquiries, manage appointments, and resolve issues.
  • Marketing Communications: To send updates, promotional content, and relevant skincare information (only if you have provided consent).
  • Service Improvement: To analyse trends and improve the quality of our services.
  • Legal Compliance: To comply with legal obligations such as tax or regulatory reporting.

Direct marketing

During the account creation process on our website when your personal data is collected, you will be asked to indicate your preferences for receiving direct marketing communications from SkinBestie via email or SMS.

We may also analyse your Identity, Contact, Technical, Usage and Profile Data to form a view of which products, services and offers may be of interest to you so that we can then send you relevant marketing communications.

Opting out of marketing

You can ask to stop sending you marketing communications at any time by following the opt-out links within any marketing communication sent to you or by contacting us at privacy@skinbestie.co. If you opt out of receiving marketing communications, you will still receive service-related communications that are essential for administrative or customer service purposes for example relating to order confirmations, updates to our Terms and Conditions, or checking that your contact details are correct.

5. How we share your information

We respect your privacy and will not sell or trade your personal data. However, we may share your personal data with:

  • Service Providers: Companies providing services such as payment processing, IT services, and customer support on our behalf.
  • Legal Authorities: If required to do so by law or to protect our rights, property, or the safety of others.
  • Business Transfers: In the event of a business merger or sale, your data may be transferred as part of the transaction, but it will remain subject to this policy.

6. International data transfers

In some instances, your data may be transferred to and processed in countries outside the UK or European Economic Area (EEA) that have laws that do not provide the same level of data protection as the UK law. Under data protection law, we can only transfer your personal data to a country or international organisation outside the UK/EEA where the UK government (or, where the EU GDPR applies, the European Commission) has decided the particular country or international organisation ensures an adequate level of protection of personal data (known as an 'adequacy decision'); there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for data subjects; or a specific exception applies under data protection law.

7. Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including any legal, accounting, or reporting requirements. When it is no longer needed, we will securely delete or anonymise your data.

9. Your Rights

You have rights regarding your personal data under data protection laws, including:

  • Right to Access: Obtain access to your personal data and request a copy.
  • Right to Rectification: Correct any inaccurate or incomplete data.
  • Right to Erasure: Request that we delete your data under certain circumstances.
  • Right to Restrict Processing: Request a restriction on the processing of your data in certain situations.
  • Right to Data Portability: Request your personal data in a structured, machine-readable format.
  • Right to Object: Object to the processing of your data, including for direct marketing purposes.
  • Right to Withdraw Consent: Withdraw your consent where we are relying on it to process your data.

To exercise any of these rights, please contact us at privacy@skinbestie.co.

10. Cookies

The settings from Internet browsers are usually programmed by default to accept cookies, but you can easily adjust it by changing the settings of your browser or, where available, by using the tools on our website. Many cookies are used to enhance the usability or functionality of a website; therefore, disabling some types of cookies may prevent you from using certain parts of our website. If you wish to manage your preferences regarding the cookies that are set by our website, please use the tool available on the website or refer to the Help function within your browser to learn how to manage your settings within your browser. For more information, please consult the following link: https://allaboutcookies.org/

11. Children's privacy

Our services are not directed at children under the age of 18, and we do not knowingly collect personal data from children. If you believe that we have unintentionally collected data from a child, please contact us, and we will take steps to delete such data.

12. Changes to this Privacy Policy

We may update this privacy policy from time to time in response to legal, technical, or business changes. Any updates will be reflected by revising the "Last Updated" date at the top of this policy. You are encouraged to review this policy periodically.

13. Contact Information

If you have any questions or concerns about this privacy policy or our data practices, please contact us at privacy@skinbestie.co.

Alternatively, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection, via their website at www.ico.org.uk.

14. Third party links

This website may include links to third-party websites, plug-ins and applications when sending you your personal routine. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.