Skip to main content
Legal

Privacy Policy

Last updated: March 2026

This Privacy Policy explains how Driftwood Aesthetics Limited (“we”, “us”, or “our”) collects, uses, stores, and protects your personal information when you visit our website at www.driftwood-aesthetics.co.uk or contact us directly.

We are committed to protecting your privacy and handling your personal data with transparency and care. This policy is written in accordance with the United Kingdom General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Data Controller: Driftwood Aesthetics Limited
Registered Address: 79 Flansham Park, Bognor Regis, England, PO22 6QN
Company Number: 16976570
Email: [email protected]
Telephone: 07398 784978

If you have any questions about how we handle your personal data, or wish to exercise any of your rights under UK GDPR, please contact us using the details above.

2. What Personal Data We Collect

We may collect and process the following types of personal information:

Information You Provide Directly

  • Your name
  • Your email address
  • Your telephone number
  • The nature of your enquiry
  • Any information you voluntarily include in correspondence with us

Information Collected Automatically

  • Your IP address (collected by our hosting infrastructure)
  • Browser type and version
  • Operating system
  • Referring website (if applicable)
  • Pages visited and time spent on site

We do not currently use advertising cookies or behavioural tracking technologies. Our website uses only functional cookies and local storage to ensure the site operates correctly and to record your cookie consent choice. Please see Section 8 (Cookies) for further detail.

3. How We Use Your Personal Data

We use the personal data we collect for the following purposes:

  • To respond to your enquiries promptly and appropriately
  • To arrange and manage consultations or appointments
  • To provide the treatments and services you have requested
  • To comply with our legal and regulatory obligations
  • To maintain appropriate business records
  • To improve the quality and functionality of our website

We do not use your personal data for marketing purposes without your explicit consent. We do not sell, rent, or share your personal data with third parties for commercial purposes.

4. Legal Basis for Processing

We process your personal data on the following legal bases under UK GDPR:

  • Legitimate interests — to respond to enquiries and maintain appropriate business records where this does not override your privacy rights
  • Contractual necessity — to fulfil any service or treatment agreement entered into with you
  • Legal obligation — to comply with applicable laws and regulations
  • Consent — where we have specifically requested and received your permission (for example, for direct marketing, where applicable)

5. How Long We Keep Your Data

We will only retain your personal data for as long as is necessary for the purposes set out in this policy, or as required by law. In general:

  • Enquiry and correspondence records are retained for up to 2 years from the date of last contact, unless a longer retention period is required for legal or regulatory reasons
  • Client treatment records are retained for a minimum of 7 years in accordance with standard business practice and applicable guidance
  • Where you have consented to receive marketing communications, your data will be retained until you withdraw that consent

6. Sharing Your Personal Data

We do not sell or share your personal data with third parties for their own commercial purposes. We may share your data only in the following limited circumstances:

  • With trusted service providers who assist us in operating our website or delivering our services (such as our hosting provider), under appropriate data processing agreements
  • Where required by law, regulation, or court order
  • In the event of a business transfer, where your data may be transferred as part of that process, subject to equivalent protections

Our website is currently hosted on Cloudflare Pages or Netlify. Contact form submissions are processed by Netlify Forms where applicable. Please refer to their respective privacy policies for further information on how they handle data.

7. Your Rights Under UK GDPR

You have the following rights in relation to your personal data:

  • Right of access — to request a copy of the personal data we hold about you
  • Right to rectification — to request that we correct any inaccurate or incomplete data
  • Right to erasure — to request that we delete your personal data in certain circumstances
  • Right to restriction of processing — to request that we restrict the processing of your data in certain circumstances
  • Right to data portability — to receive your data in a structured, commonly used format in certain circumstances
  • Right to object — to object to the processing of your data where we rely on legitimate interests as our legal basis
  • Rights in relation to automated decision-making — we do not carry out automated decision-making or profiling

To exercise any of your rights, please contact us at [email protected]. We will respond to all valid requests within one calendar month. We may need to verify your identity before processing your request.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data has been handled unlawfully. Visit ico.org.uk for further information.

8. Cookies and Local Storage

Our website uses a small number of technologies to ensure it functions correctly:

  • Functional cookies — strictly necessary for the operation of the website
  • Local storage — used solely to record your cookie consent preference so we do not present the consent banner on every visit

We do not use analytics cookies, advertising cookies, or any form of third-party tracking technology at this time. If this changes, this policy will be updated accordingly and your consent will be sought where required.

You can manage or delete cookies through your browser settings at any time. Please note that disabling strictly necessary cookies may affect the functionality of the website.

9. Data Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, loss, alteration, or disclosure. Our website is served over HTTPS encryption.

Whilst we take all reasonable steps to protect your data, no method of transmission over the internet is completely secure. If you have any concerns about the security of your information, please contact us.

10. Links to Third-Party Websites

Our website may contain links to third-party websites. This Privacy Policy applies only to our website. We are not responsible for the privacy practices of any linked websites and encourage you to read their privacy policies before providing any personal information.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we do, we will update the “last updated” date at the top of this page. We encourage you to review this policy periodically. Continued use of our website following any update constitutes acceptance of the revised policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Driftwood Aesthetics Limited
79 Flansham Park, Bognor Regis, England, PO22 6QN
Email: [email protected]
Telephone: 07398 784978