top of page

A Doctor led medical aesthetics clinic specialising in advanced dermatological skin care, anti-wrinkle treatments, dermal filler procedures.

Privacy & Cookie Policy

DRC Medical Aesthetics Clinic – DRCMedical.co.uk
Effective Date: 01.06.2025

Introduction

DRC Medical Aesthetics Clinic (“we”, “our”, or “us”) is committed to protecting and respecting your privacy. This policy outlines how we collect, use, and protect your personal information when you visit our website or receive treatment at our clinic.

We adhere to the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the standards set by the General Medical Council (GMC).

Who We Are

  • Clinic Name: DRC Medical Aesthetics Clinic

  • Medical Practitioner: Dr. Catherine Lamb, GMC-registered medical doctor

  • Website: www.DRCMedical.co.uk

  • Contact Email: c.a.lamb@hotmail.co.uk

  • Data Controller: Dr. Catherine Lamb

What Personal Data We Collect

We may collect and process the following categories of data:

  • Identification Data: Name, date of birth, gender

  • Contact Details: Email address, telephone number, postal address

  • Medical Data: Medical history, allergies, current medications, treatment notes, photographs (where applicable)

  • Website Usage Data: IP address, browser type, operating system, referral source, pages visited

  • Marketing Preferences: Consent to receive updates or promotions

How We Collect Your Data

  • Directly from you: When booking appointments, completing consultation forms, or communicating via email/phone

  • Automatically: Through cookies and analytics tools on our website

  • From third-party platforms: If you contact us via social media or referral sources

Why We Process Your Data

We process your data for the following lawful purposes:

  • To provide medical aesthetic treatments (Legal Basis: Provision of Health Care, Article 9(2)(h))

  • To ensure your safety by maintaining accurate medical records (GMC ethical duty)

  • To manage bookings, appointments, and communications (Legitimate Interest)

  • To comply with regulatory or legal obligations

  • With your consent, for marketing or promotional communications

How We Store and Protect Your Data

Your data is securely stored in accordance with medical confidentiality requirements. We implement appropriate technical and organisational measures, including:

  • Secure patient management systems with encryption

  • Access controls limited to authorised personnel

  • Regular data audits and secure deletion protocols

Medical records are retained in accordance with GMC guidance and NHS best practice—typically for 8 years after the last treatment or contact.

Your Rights Under GDPR

You have the following rights:

  • Access – to request a copy of your personal data

  • Rectification – to correct inaccurate or incomplete data

  • Erasure – to request deletion (subject to clinical/legal retention duties)

  • Restriction – to limit processing

  • Data Portability – to request your data in a structured format

  • Objection – to direct marketing at any time

  • Withdraw Consent – where processing is based on consent

To exercise any of these rights, contact us at c.a.lamb@drcmedical.uk

Third Parties and Data Sharing

We will never sell your data. Your personal data may be shared with:

  • Third-party software providers (for secure booking and records)

  • Regulatory authorities, if legally required (e.g., GMC, ICO)

  • Emergency services or other healthcare providers, with your consent or in case of medical necessity

All third parties are contractually bound to maintain GDPR compliance.

Marketing Communications

We may send occasional newsletters or promotions with your explicit consent. You can unsubscribe at any time via the link in emails or by contacting us directly.

Cookies Policy

What Are Cookies?

Cookies are small text files stored on your device to improve website experience, analyse traffic, and support functionality.

Types of Cookies We Use:

  • Essential Cookies – Required for website functionality (e.g., appointment booking)

  • Analytical Cookies – Help us understand website performance (e.g., Google Analytics)

  • Marketing Cookies – Used only with your consent to personalise ads or content

Managing Cookies:

When you first visit our website, you will be presented with a cookie consent banner. You may accept or customise your preferences.

You can also change your cookie settings at any time via your browser.

Data Transfers Outside the UK

We do not routinely transfer personal data outside the UK. If this becomes necessary (e.g., a third-party provider based internationally), we will ensure appropriate safeguards, such as UK IDTA or Standard Contractual Clauses (SCCs), are in place.

Complaints

If you believe your data has not been handled correctly, you have the right to lodge a complaint with:

  • Information Commissioner’s Office (ICO)
    Website: https://ico.org.uk
    Tel: 0303 123 1113

We encourage you to contact us first to resolve any concerns directly.

Policy Updates

We may update this policy from time to time. The latest version will always be available on our website, with the effective date noted above.

14. Contact

If you have questions about this Privacy Policy or your data, please contact:

DRC Medical Aesthetics Clinic
Attn: Dr. Catherine Lamb
Email: c.a.lamb@drcmedical.co.uk
Website: www.DRCMedical.co.uk

bottom of page