Privacy Policy
Effective April 2025 | In Compliance with UK GDPR & Data Protection Act 2018
Miss Amber MD is committed to protecting and respecting your privacy.
This Privacy Policy explains when and why we collect personal information about individuals who visit our websites, how we use it, the conditions under which we may disclose it, and how we keep it secure.
By using our websites (www.missambermd.com and www.missambermd.co.uk), you agree to the terms of this Privacy Policy.
We may update this Policy from time to time, so please review it periodically to ensure you are happy with any changes.
For any questions regarding this Policy or our privacy practices, please contact us at: hello@missambermd.com
1. Who We Are
We are Miss Amber MD, specialists in facial and body aesthetic treatments and services in the United Kingdom.
We act as a Data Controller for the personal information you provide to us.
2. How We Collect Information
We collect personal data when you:
• Visit or browse our websites.
• Contact us regarding products, services, or bookings.
• Register for newsletters or marketing communications.
• Book treatments or courses (online, by phone, or in-clinic).
• Apply for a job or submit enquiries.
3. What Information We Collect
The personal information we may collect includes:
• Full name, address, phone number, and email address.
• Date of birth (where required for treatment purposes).
• Medical history (where applicable for treatment safety).
• IP address, browser data, and website usage information.
• Payment information (Note: We do not store card details. Payments are processed securely via third-party providers).
4. How We Use Your Information
We use your data to:
• Process bookings, appointments, and payments.
• Maintain accurate medical and treatment records (as legally required).
• Communicate appointment confirmations, reminders, and updates.
• Send newsletters or marketing communications (with your consent).
• Respond to enquiries or customer service requests.
• Fulfil legal, regulatory, or insurance obligations.
• Improve website functionality and user experience via analytics.
• Prevent fraud or misuse of our services.
We will only process your personal data where we have a lawful basis to do so, such as:
• Performance of a contract (e.g., booking treatments).
• Legal obligation (e.g., maintaining medical records).
• Consent (e.g., marketing communications).
• Legitimate business interests (e.g., improving services).
5. Data Retention
• Medical and treatment records are retained for a minimum of 7 years in compliance with healthcare regulations.
• Marketing data will be retained until you withdraw consent.
• General enquiries and non-essential data are reviewed regularly and deleted when no longer necessary.
6. Sharing Your Information
We will never sell or rent your personal data to third parties.
We may share your information with:
• Trusted third-party service providers (e.g., email platforms, booking systems) solely for business operations.
• Regulatory authorities if required by law.
• Payment processors for secure transactions.
• Legal or insurance providers in case of claims or disputes.
All third parties are bound by confidentiality and data protection agreements.
7. Your Data Protection Rights
Under UK GDPR, you have the right to:
• Access your personal data.
• Rectify inaccurate or incomplete data.
• Erase your data (“right to be forgotten”) in certain circumstances.
• Restrict processing of your data.
• Data portability (where applicable).
• Object to processing based on legitimate interests or direct marketing.
• Withdraw consent at any time where processing is based on consent.
You can exercise your rights by contacting hello@missambermd.com.
We will respond within 30 days.
(Note: We no longer charge fees for data access requests unless requests are excessive.)
If you are dissatisfied, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
8. Marketing Preferences
We will only send you marketing communications if you have opted in.
You can unsubscribe at any time by:
• Clicking the “unsubscribe” link in emails.
• Contacting us at hello@missambermd.com.
We will respect your communication preferences.
9. Security of Your Data
We take appropriate technical and organisational measures to protect your personal data, including:
• Encryption of sensitive information.
• Secure servers and restricted access.
• Regular security reviews.
While we strive to protect your data, transmission over the internet is never fully secure. Any data you send is at your own risk.
10. Cookies
Our websites use cookies to enhance user experience and collect anonymised analytical data.
You can control cookie settings via your browser.
For more information, please refer to our separate Cookie Policy or visit:
Google Analytics Privacy Overview
11. Links to Other Websites
Our websites may contain links to third-party sites.
This Privacy Policy applies only to Miss Amber MD. We are not responsible for the privacy practices of other websites.
12. Automated Decision-Making & Profiling
We may use limited profiling to tailor marketing communications based on your preferences. We do not engage in automated decision-making that produces legal effects.
13. Changes to This Policy
We may update this Privacy Policy to reflect changes in legal requirements or business practices. Significant changes will be communicated via email (where possible) or via our website.
This Policy was last reviewed in April 2025.
14. Contact Us
For any questions regarding this Privacy Policy or to exercise your data rights: contact
Miss Amber MD Management team: hello@missambermd.com
Registered Websites: www.missambermd.com | www.missambermd.co.uk
You can also contact the ICO for further guidance on data protection rights.
To view our cancellation and refund policy clink here