In-Clinic Treatments Available

Website Logo
Website Logo

Instagram

Tiktok

Privacy Policy

Last Updated: [Insert Date]

1. Introduction

This Privacy Policy explains how [Your Company Name] (“we”, “us”, “our”) collects, uses, stores, and protects your personal information when you visit https://nonordinaire.co.uk/ (“the Website”) or purchase products or services, including:

  • Cosmetic products
  • In-clinic skin treatments
  • Prescription-only medicines (POMs)

We are committed to protecting your privacy and complying with UK GDPR, the Data Protection Act 2018, the Medicines Regulations, and all other applicable UK laws.

By using our Website or services, you agree to the collection and processing of your data as outlined in this Privacy Policy.

2. Who We Are

Company Name: [Your Company Name]
Website: https://nonordinaire.co.uk
Registered Address: [Insert Address]
Email: [Insert Contact Email]

We are the data controller, responsible for determining the purposes and methods of processing your personal data.

3. Information We Collect

3.1 Information You Provide

When you use our services, you may provide:

  • Identity details: full name, date of birth, gender
  • Contact details: email, telephone number, billing and delivery addresses
  • Health information: medical history, allergies, skin type, prescription details
  • Treatment information: consultation notes, treatment preferences, online consultation records
  • Account details: username, password (if you create an account)
  • Payment information: processed securely via Stripe (we do not store full card details)

3.2 Information Collected Automatically

We may automatically collect:

  • IP address, browser type, device type
  • Website usage information (pages viewed, actions taken)
  • Cookies and similar tracking technologies

3.3 Information from Third Parties

We may receive information from:

  • Pharmacies or clinics for prescriptions and treatments
  • Payment providers (Stripe) to confirm transactions
  • Delivery services to fulfil orders

4. Special Category Data

Prescription information, medical history, and treatment records are considered special category data. We process this data only when:

  • Necessary for providing medical care or treatments
  • Required by law
  • You give explicit consent, including mandatory consent for clinicians to access your Summary Care Record (SCR) when applicable

5. How We Use Your Data

5.1 To Provide Products and Services

We use your personal data to:

  • Process and deliver cosmetic products and POMs
  • Provide in-clinic and online consultations
  • Administer treatments safely and legally
  • Communicate with you regarding orders, prescriptions, or treatment plans

5.2 Legal and Regulatory Compliance

We use your data to:

  • Maintain records to comply with medical, pharmaceutical, and tax laws
  • Prevent fraud or misuse of medicines
  • Respond to lawful requests by authorities

5.3 Marketing (Consent-Based)

  • We may send email newsletters, promotional offers, and product updates.
  • You can opt out at any time by clicking “unsubscribe” or contacting us.

5.4 Website Improvement and Analytics

  • We analyse usage to improve our Website, services, and security.
  • We monitor website performance.

6. Legal Bases for Processing

We process your data under the following legal bases:

  • Contractual necessity: to deliver products, prescriptions, or treatments
  • Consent: for marketing or sharing health data, including mandatory SCR access for POM prescriptions
  • Legal obligation: record-keeping for medical, pharmaceutical, and financial compliance
  • Legitimate interests: fraud prevention, website optimisation, service improvement

7. Sharing Your Data

We share your data only when necessary with:

  • Pharmacies and clinics for prescription dispensing or treatments
  • Delivery providers for shipping orders
  • Payment processors (Stripe)
  • IT providers, cloud storage, and hosting services
  • Legal, financial, and regulatory authorities where required

We do not sell, rent, or transfer your data outside the UK.

8. Data Retention

We retain personal data only as long as necessary:

  • Orders & prescriptions: minimum of six years (legal compliance)
  • Patient treatment records: according to healthcare regulations
  • Marketing data: until consent is withdrawn
  • Website analytics: anonymised after twelve months

9. Your Rights

You have the right to:

  • Access, correct, or delete your data
  • Restrict or object to processing
  • Withdraw consent at any time
  • Receive your data in a portable format
  • Lodge a complaint with the ICO

To exercise your rights, please contact [Insert Contact Email].

10. Cookies and Tracking

We use cookies to:

  • Enable website functionality
  • Analyse site usage
  • Support secure payments
  • Deliver marketing content

You can manage cookies via your browser settings.

11. Payments via Stripe

Payments are processed securely through Stripe. Stripe may collect and process certain personal information necessary for payment.

For details, see Stripe’s Privacy Policy.

12. Security Measures

We implement appropriate technical and organisational measures:

  • SSL encryption for data in transit
  • Secure servers and cloud storage
  • Role-based access controls
  • Staff training on data protection
  • Regular audits and risk assessments

13. Children’s Privacy

The Website is not intended for individuals under 18 years of age. We do not knowingly collect data from minors.

14. Online Consultations

If you participate in online consultations, you will be asked to provide explicit consent for our clinicians to access your Summary Care Record (SCR) where relevant.

  • Audio/video consultation data, consultation notes, and prescription information will be stored securely in line with healthcare regulations.
  • This consent is mandatory for POM prescriptions.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be available on the Website.

16. Contact Us

Email: [Insert Contact Email]
Address: [Insert Company Address]