Privacy Policy

Protecting our users’ information and privacy is extremely important to us.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting this website, you are accepting and consenting to the practices described in this policy.

If you have any questions regarding our privacy policy, please email info@thirns.co.uk.

 

What information do we collect?

We may collect and process various kinds of data about you when you complete a contact form, browse our website, or use our services.

The data collected through the contact form includes first name, last name, email address, phone number and other information you include in your message to us.
Your contact information is required when you use our services. This includes name, email address, phone numbers, and residential address.

We may automatically collect the following technical information when you visit our website, including the Internet protocol (IP) address, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform. This also includes the website pages you visit, through and from our site including the date and time, and length of visits to certain pages. For detailed information on the website cookies, please see our cookie policy below.

Please note that we do not collect special categories of personal data, this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, criminal convictions, trade union membership, or genetic or biometric data. However, the nature of our business requires us to collect certain health information for the safe practice and undertaking of our skin treatment business. These records are not stored online, in the cloud or any other virtual form, but are kept in physical form in secure storage which can only be accessed by Olga Brennand as sole practitioner in the clinic. Such health information that is collected and stored is of a very specific and limited nature and is delineated by the proposed treatment discussed with the client and can only be retained with the client’s consent for the duration of the time of the treatment recommended. At the end of a given course of treatment, the stored health information relating to any specific client treatment is securely and sustainably destroyed.

 

How do we use personal information?

We use this personal information for the following purposes:

  • Providing our services to you
  • Account set up and administration
  • Improving the user experience of our website
  • Delivering marketing communications
  • Carrying out polls and surveys
  • Internal research and development purposes
  • To meet our legal obligations (e.g., the prevention of fraud, compliance with health and safety regulations governing the operation of the clinic)

 

When do we share personal data?

We will never lease or sell your personal information to third parties unless we have your written permission, or the law requires us to.

We may have to share your personal data with trusted third parties. Examples of the kind of third parties we work with are:

  • IT companies who support our website and other business systems
  • Professional advisers including lawyers, bankers, auditors and insurers who provide legal, banking, insurance and accounting services.
  • HM Revenue & Customs, our regulators and other authorities who require reporting of processing activities in certain circumstances.
  • Selected medical professionals with whom we might consult, or to whom might refer clients where a health condition might impact on the treatment(s) that we undertake.
  • Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not knowingly allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

 

Where do we store and process personal data?

The data that we collect from you may be transferred to and stored at our clinic at 20 Church Street, Southrepps, Norwich, NR11 8NP under the secure conditions outlined above.

We will do our best to protect your personal data, however, we cannot guarantee the security of your data transmitted through our website. Any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

 

How do we secure personal data?

To help keep your personal data secure, we put in measures to:

  • protect data against accidental loss
  • prevent unauthorised access, use, destruction, or disclosure
  • ensure business continuity and disaster recovery
  • restrict access to personal information
  • train staff and contractors on data security
  • manage third-party risks, through use of contracts and security reviews

We have implemented strong electronic safeguards including a SSL encryption across the entire website, enabling an encrypted link between the website server and browser.

 

How long do we keep your personal data for?

We will retain your personal data for no longer than reasonably necessary to fulfil the purposes for which it was collected.

The retention period for personal data will be determined by the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use and the applicable legal requirements.

By law, we must keep basic information about our customers for seven years after they cease being customers for accounting purposes.

 

Your rights in relation to personal data

You have the right to ask us not to process your personal data for marketing purposes. We will inform you before collecting your data if we intend to use your data for such purposes and an opt-in mechanism will always be provided. You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us directly.

You have the right to access, correct or request deletion of information held about you. You can exercise the right at any time by contacting us at info@thirns.co.uk. This right may be limited if the request may expose personal data about another person or if we are required to keep the information by law.

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns you have before you approach the ICO and so please contact us in the first instance.

 

Links to third party websites

Our site contains links to third-party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.

 

Cookies

Below is a list of the cookies that we use. We have tried to ensure this is complete and up to date, but if you think that we have missed a cookie or there is any discrepancy, please let us know.

Unless you have adjusted your web browser settings to refuse cookies, our website will issue cookies as soon you visit our website. If you have switched off cookies, then some of the functionality on the website may not be available or work fully.

 

Online store

Cookies are used by the online store in a variety of ways:

woocommerce_cart_hash
Expires after the browsing session
Helps determine when cart contents/data changes.

woocommerce_items_in_cart
Expires after the browsing session
Helps determine when cart contents/data changes.

wp_woocommerce_session_
Expires after 2 days
Contains a unique code for each customer so that it knows where to find the cart data in the database for each customer.

woocommerce_recently_viewed
Expires after the browsing session
Powers the Recent Viewed Products functionality.

store_notice[notice id]
Expires after the browsing session
Allows customers to dismiss the Store Notice.

 

 

Google Analytics

This website uses Google Analytics, a web analytics tool provided by Google Ireland Limited (“Google”). Google Analytics uses cookies to help the website analyse how users use the website. This uses first-party cookies to:

  • Distinguish unique users
  • Distinguish sessions for a user

The cookies used by Google Analytics are:

_ga
Expires after 2 years
Used to distinguish users

_gid
Expires after 24 hours
Used to distinguish users

_gat_[ID]
Expires after 2 years
Used to persist session state

 

Changes to our Privacy Policy

Any changes we may make to our privacy policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy.

 

How to contact us

If you have any questions or concerns about our privacy practices, your personal information, or if you wish to file a complaint, please contact us at info@thirns.co.uk.