Privacy Policy

The Private Clinic is committed to ensuring the privacy of our patients and website visitors. This policy explains what personal data we may collect about you when you interact with us and how we use it.

Our promises

  • Service: We will only use your data to improve your experience of our services
  • Patient Safety: We will only use your sensitive personal data to ensure your care and safety
  • Keep in touch: We will only contact you about things you have told us you’re interested in

Who are we?

The Private Clinic of Harley Street Limited includes The Private Clinic of Harley Street and Aurora Clinics. The websites we operate and this policy refer to are:, and For simplicity, “we” and “us” means The Private Clinic of Harley Street Limited.

The Private Clinic of Harley Street is the data controller in relation to the processing of personal information that you provide us when using our services.

You can contact our Data Protection Officer at: [email protected]

Or write to:

Data Protection Officer
The Private Clinic of Harley Street
98 Harley Street

Your personal and sensitive personal data

Under data protection legislation, the data that organisations hold about you can be categorised as follows:

Personal Data: This is data related to an identifiable person or data that can be used to identify a distinct individual. Examples of personal data we collect and process include names, email addresses, location, telephone numbers, ID numbers and online identifiers. Where this policy states “your data/your personal data” we are referring to Personal Data unless otherwise stated.

Sensitive Personal Data: Sometimes referred to as “Special Category Data”, this is data that is deemed to be more sensitive than the above personal data. For example, medical records, genetics, biometric data, details of ethnicity, sexual orientation. We only use this data for the purposes of your treatment and to ensure you care and safety as a patient. We will usually ask for your consent to collect or process this data, though there may be instances where we are required or permitted to do so by applicable law (eg. To comply with public health requirements). We never use your sensitive personal data for marketing purposes.

The legal bases we rely on

Under data protection legislation, organisations must have one of a number of reasons for processing your personal data. Below we outline the bases we use and an example of the purpose for which it is used:

Consent: In some situations, we ask for your consent to process your data for the purpose we have identified.

  • For example, we ask you to tick a box on our enquiry form to receive our special offer and discount emails.
  • As a patient you may be asked for consent to allow us to collect sensitive personal data about you to ensure your safe treatment and care.

Contractual obligations: Sometimes we may need your data to fulfil our obligations.

  • For example, if you wish to book an appointment we may need your payment details, address and contact details to process payment and secure your booking.

Legal compliance: There may be some situations where we are required by law or regulatory bodies to process your data

  • For example, we may require you provide proof of ID and age where the law requires.
  • Gathering information as part of investigations by regulatory bodies or in connection with legal proceedings or requests.

Legitimate Interests: In some situations we require your data to pursue our interests in a way which might reasonably be expected as part of running our business and which does not significantly impact your rights or freedom.

  • For example, we will use the contact details you provide, to call/SMS/email you regarding your enquiry and provide you with targeted relevant information.
  • We may combine and anonymise your data with that of other customers to identify trends and help make improvements to our service and business.

When do we collect your personal data?

  • When you visit any of our websites
  • When you communicate with us by phone or email or instant messaging systems
  • When you engage with us on social media
  • When you interact (open/click) with our emails
  • When you request further information from us
  • When you arrange appointments with clinic staff
  • When you attend appointments and as part of the consultation process
  • When you make payments to us or require a refund
  • When you fill in any forms online or in clinic
  • When you’ve given a third party permission to share with us the information they hold about you (eg. Facebook/Instagram).
  • When you complete any surveys we send you
  • When you review our services
  • When you refer a friend
  • When you visit our clinics we may operate CCTV systems for security purposes

What personal data do we collect?

  • Whilst using our website you may submit information to us via an enquiry form. This may include your name, email address, phone number and postcode. We require this information to contact you regarding your enquiry and to better understand demand for our services.
  • Details of your interactions with us through our call centre, in clinics or online. For example, we may record calls or make note of conversations and maintain phone call logs.
  • Copies of documents you provide to prove your age or ID where the law or company policy requires.
  • Payment details.
  • Details of your visits to our websites, including how you arrived, which pages you visited, time spent, links clicked and technical information about your device and internet connection.
  • Personal details which help us make suggestions. For example, you may indicate that you have a particular skin condition or concern, which we will use to recommend treatments.
  • Information gathered by the use of cookies. Learn more about how we use cookies.
  • Your reviews, survey responses and comments.

How and why do we use your personal data?

We want to give you the best possible experience from your very first interaction with us. One way to achieve this is to better understand who you are by collecting data about you. We use this to make improvements to our service and to communicate information that you are likely to be interested in. There are many cases where we are required to collect and process data about you either to fulfil our contractual obligations to you or to comply with the law. We use your personal data for the following purposes:
  • To contact you regarding your enquiry – we have to collect and process your data in order to fulfil your request for further information or to book an appointment.
  • To provide you with further information about the subject of your enquiry so you understand your options and can make an informed decision.
  • To remind you by email to book subsequent appointments for a treatment you have previously had which requires ongoing review.
  • With your consent, we will send you special offers and news via email – to keep you up to date with our promotions.
  • To tailor the content of our communications – to make it more relevant to you.
  • To contact you regarding your appointments and treatments – we want to make sure you don’t miss your appointments.
  • For business performance analysis – to ensure we continue to provide the best service.
  • To make sure we’re speaking to the right person – to help prevent and detect fraud.
  • To take payment and process refunds
  • To provide customer service and support

How we protect your data

We take the security of your data seriously and take all appropriate steps to protect it from unauthorised access, loss and misuse. We never sell any of your personal data for any purpose. Any sensitive personal data we may collect (such as medical records) is never used for marketing purposes and access to such data is further restricted.

How long do we keep your data?

We only keep your data for as long as is necessary to fulfil the purpose for which it was collected. At the end of the period, your data will either be deleted or anonymised so that it can be used in a non-identifiable way for statistical analysis which helps us make improvements to our service and business.

Cookies & similar technologies

To help us give you the best possible experience, our websites and emails contain cookies, web beacons and similar technologies. Cookies are small, harmless text files that are downloaded to your computer/device when you visit websites. They serve a range of purposes such as helping us understand our website usage, activity and user behaviour. For more information, see our Cookies Policy.

Who do we share your personal data with?

We never sell your data to any third parties. We want to maintain your trust as a reputable company and believe this is essential to ensure this.

However, we do use third parties to support, manage or deliver some of our day to day business services.

As a result, we may share non-sensitive personal data (such as phone numbers, email address and IP address) with the following type of companies we work with:

  • Companies that help us deliver our emails and electronic communications to you.
  • Companies that support our website, phone handling and other IT/business systems.
  • Companies that provide online communication services between you and us such as instant messaging and video conferencing platforms. By using these services you accept their terms of usage and understand that all data including messages, photos, videos, files and transcripts will be managed in accordance with the policies of those third parties.
  • Companies that provide analytics services.
  • Facebook and Instagram to show you our services that might interest you whilst you’re browsing the internet or on social media platforms. This is based on your acceptance of cookies on our websites. See our Cookie Policy for further details.

We select these companies carefully and take precautions to keep your data safe and protect your privacy:

  • We carefully screen all providers with data security playing a key factor in our decision to work with them.
  • We only provide the data they need to perform the services we require.
  • They may only use your data for the purposes we specify and agree with them.

What are your rights?

You have many rights relating to your personal data including:

  • The right to access the personal data we hold about you.
  • The right to request the correction of inaccurate data about you. If we hold inaccurate or out of date information about you, you can request that we change or update it.
  • The right to request that we delete your data or stop processing it – in some instances such as where we no longer need it, we can delete your personal data.
  • The right to stop direct marketing – You have the absolute right to stop our use of your personal data for direct marketing purposes. In this instance we must always comply with your request.
  • The right to withdraw your consent – Whenever you have given us your consent to use your personal data, you have the right to change your mind and tell us.
  • Please note there may be instances where we refuse your request for any of the above (unless otherwise stated) where we have a strong overriding reason or are legally obliged to.

If you wish to exercise any of your rights, have a complaint or questions about this policy, please see the “Who are we?” section for contact details.

How to stop marketing messages from us

There are several ways you can stop receiving marketing messages from us:

Please note these actions will only stop emails that are not related to booking confirmation/ payment confirmation/ medical aftercare. You may still receive email correspondence from The Private Clinic staff; for example emails to confirm your appointments.

  • Clicking the “unsubscribe” link at the top or bottom of any of our marketing emails
  • Send a request to unsubscribe by replying directly to any of our marketing emails

In most cases your request will be processed immediately but occasionally it may take a few days to take effect so you may still receive emails from us during this time.

If you have previously unsubscribed but change your mind and wish to be included in our emails again, please call us or let a member of staff know. We will email you a request which you need to open and accept to start receiving our emails again.


We do not knowingly collect personal data relating to children under the age of 16. If you are a parent or guardian of a child under the age of 16 and think that we may have information relating to that child, please contact us. We will ask you to prove your relationship to the child but if you do so you may (subject to applicable law) request access to and deletion of that child’s personal data.

Changes to this privacy policy

We may update this privacy policy from time to time to reflect how we use your personal data. We will notify you by e-mail (if we hold your email details) of any significant changes but we encourage you to review this policy regularly to stay informed of how we use your data.


If you have concerns about aspects of the way your data has been handled or used by us and are not satisfied with our response, you can report your concerns to the UK Information Commissioner Office (ICO). Details of how to do this are on the ICO website (

Any Questions?

We hope this privacy policy has been helpful in setting out the way we handle your personal data and your rights. If you have any questions that haven’t been covered, please contact our Data Protection Officer at: [email protected]

Or write to:

Data Protection Officer
The Private Clinic of Harley Street
98 Harley Street

This policy was last updated on the 9th May 2018

Cookie Policy

We use cookies on our websites to improve your experience of our website and services. In this policy we will outline the cookies we use, what they do and what you can do about cookies.

What are cookies?

Cookies are small, harmless text files that are downloaded to your computer/device when you visit websites. These files essentially identify your computer/device for specified purposes. Cookies can have a range of different purposes but these are the main reasons we use cookies:

  • Understanding browsing habits on our websites
  • Understanding the number of visitors to our websites and the pages visited
  • Understanding how you found/ came to visit our website

For more information about cookies, please see:

Managing cookies

Cookies help us to improve your experience however if you decide for any reason that you do not wish to accept cookies, there are steps you can take to block them. For more information on how to check whether your browser is allowing cookies and to block them, please go to the settings of your browser. Typically the option to manage cookies will be found in a section called “Privacy” or similar. There should be options to block some/all cookies but you may need to refer to your browser for full details.

Cookies we use

Below is a list of the main cookies we use on our websites and a description of what we use them for:

Google Analytics

We use a number of cookies relating to Google Analytics. These cookies allow us to analyse our website traffic and identify areas of improvement. For full details of the cookies used by Google Analytics click here.

Google Adwords

We use cookies relating to Google Adwords. These cookies allow us to track the performance of our paid for links on Google search results. For details of the cookies used by Google products click here.


ResponseTap is a service that allows us to measure call centre interaction and identify the source of phone calls so we can understand the effectiveness of our marketing efforts.


From time to time we may serve targeted adverts to promote our services on Facebook and Instagram. To enable us to discover and target relevant segments of individuals and ensure the effectiveness of these adverts, our websites contain Facebook cookies. For details of how Facebook adverts work click here.


Hotjar is a service which provides website session replays, heat maps, visitor journeys and analytics to help us better understand your needs to make improvements which ultimately improve your experience. Neither Hotjar nor we will use this information to identify users or match it with further data. Any data you submit to us through our website will not be visible to nor collected by Hotjar.

Web Beacons

Web beacons are not cookies however they perform a similar task. We use beacons on our website and emails to understand user behaviour and the effectiveness of our marketing. For example, beacons in our emails enable us to know that you have opened an email from us which we use to understand the effectiveness of our email marketing efforts.

For further information on how we use your data please see our privacy policy.

If you have any concerns or questions about our policies or how we handle your data, you can contact our Data Protection Officer at: [email protected]

Or write to:

Data Protection Officer
The Private Clinic of Harley Street
98 Harley Street


Ask us a question