Dr. Alex Puzdrowski BMBS MA DRCOG
The Willow Skin Clinic Ltd.
Privacy Notice
The Willow Skin Clinic Ltd
Last updated: 26 January 2026
1. Who We Are
The Willow Skin Clinic (“we”, “us”, “our”) provides medical aesthetics treatments in the UK.
• Business address: 124 City Road, London, EC1V 2NX
• Email: thewillowskinclinic@gmail.com
• Data Controller: The Willow Skin Clinic
We are registered with the Information Commissioner’s Office (ICO).
ICO registration number: ZC031106
⸻
2. The Personal Data We Collect
We collect and process personal data to provide safe and effective treatments and to meet our legal and professional obligations.
This may include:
Identity & contact information
• Name, date of birth, address, email address, telephone number
Medical and treatment information (special category data)
• Medical history and health information
• Consultation notes
• Treatment records and outcomes
• Before-and-after photographs (with consent)
Administrative information
• Appointment details
• Payment records (we do not store full card details)
⸻
3. How We Collect Your Data
We collect personal data when you:
• Complete consultation or consent forms
• Book or receive treatments
• Communicate with us by email, phone, text, or in person
• Use our website or online booking systems (if applicable)
⸻
4. How We Use Your Data
We use your personal data to:
• Assess suitability for treatments
• Provide medical aesthetics treatments safely
• Maintain accurate medical records
• Communicate with you about appointments and aftercare
• Meet legal, regulatory, and insurance requirements
⸻
5. Lawful Basis for Processing
Under the UK GDPR, our lawful bases for processing your data are:
• Provision of health care (Article 9(2)(h))
• Legal obligation (e.g. record-keeping requirements)
• Legitimate interests (running and improving our business)
• Consent, where required (e.g. marketing communications or use of photographs)
You may withdraw consent at any time where consent is the lawful basis.
⸻
6. How We Store Your Data
Patient records are securely stored using Aesthetic Nurse Software, a specialist medical aesthetics practice management system.
Appropriate technical and organisational measures are in place to protect your data, including:
• Secure servers
• Access controls
• Data encryption where applicable
We only allow access to personal data where it is necessary and authorised.
⸻
7. Data Sharing
We do not sell your personal data.
We may share your data only where necessary, including with:
• Aesthetic Nurse Software (as a data processor)
• Medical indemnity insurers
• Regulators or professional bodies, if legally required
• HMRC or other authorities where required by law
All third parties are required to protect your data in line with UK GDPR.
⸻
8. How Long We Keep Your Data
We retain medical records in accordance with professional, legal, and insurance requirements.
Typically:
• Medical and treatment records are kept for at least 7 years after your last treatment
• Records for minors are kept until age 25
After this period, data is securely deleted or destroyed.
⸻
9. Your Data Protection Rights
You have the right to:
• Access your personal data
• Request correction of inaccurate data
• Request erasure (where applicable)
• Restrict or object to processing
• Request data portability
• Lodge a complaint with the ICO
To exercise your rights, please contact us using the details above.
⸻
10. Complaints
If you are unhappy with how we handle your data, you can contact us directly.
You also have the right to complain to the Information Commissioner’s Office:
Information Commissioner’s Office
Website: https://ico.org.uk
Telephone: 0303 123 1113
⸻
11. Changes to This Privacy Notice
We may update this privacy notice from time to time. The most recent version will always be available from us.