Privacy Policy

Effective Date: 27th April 2026

At Dr Layla Clinic, discretion, trust, and patient care are at the heart of everything we do. We are committed to safeguarding your personal information and handling it with the highest standards of confidentiality, security, and professionalism.

This Privacy Policy explains how we collect, use, and protect your data when you visit our website or receive treatment at our clinic, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Dr Layla Clinic is a doctor-led medical aesthetics clinic dedicated to delivering refined, natural results through bespoke treatment plans.

Data Controller: Dr Layla Clinic
Email: contact@drlaylaclinic.co.uk

2. The Information We Collect

We collect only the information necessary to provide a safe, personalised, and high-quality experience.

Personal Information

  • Full name

  • Contact details (email address, telephone number)

  • Date of birth

Clinical Information

  • Relevant medical history

  • Treatment records and consultation notes

  • Photographs (where consent is provided)

Website Usage Data

  • IP address and browser type

  • Pages visited and interactions on our website

  • Cookies and analytics data

3. How Your Information Is Used

Your information is used with care and intention to:

  • Provide tailored consultations and safe medical treatments

  • Maintain accurate and confidential clinical records

  • Manage bookings and communicate appointment details

  • Deliver a seamless and personalised patient experience

  • Improve our services and digital experience

  • Fulfil our professional and legal obligations as a medical clinic

We will never use your information in a way that compromises your privacy or trust.

4. Lawful Basis for Processing

We process your data in accordance with UK GDPR under the following bases:

  • Contractual necessity – to deliver the services you request

  • Legal obligation – to meet medical, regulatory, and record-keeping requirements

  • Legitimate interests – to enhance and refine our services

  • Consent – for marketing communications and clinical photography

Special category (medical) data is processed strictly for the provision of healthcare and with your explicit consent where required.

5. Confidentiality & Data Sharing

Patient confidentiality is paramount.

We do not sell or share your data for marketing purposes. Your information may only be shared where necessary with:

  • Qualified healthcare professionals involved in your care

  • Trusted service providers (e.g. secure booking or IT systems)

  • Regulatory or legal authorities where required

All third parties are carefully selected and held to strict data protection standards.

6. Data Retention

We retain your information only for as long as necessary to provide safe care and meet legal obligations:

  • Medical records are retained in line with UK clinical guidelines

  • Non-clinical enquiries are retained only as needed

7. Data Security

We take a meticulous approach to data security, including:

  • Secure, encrypted systems

  • Restricted access to authorised personnel only

  • Confidential handling of all patient records

8. Your Rights

You have full control over your personal data. Under UK GDPR, you have the right to:

  • Access your personal information

  • Request correction of inaccurate data

  • Request deletion (where legally permissible)

  • Restrict or object to processing

  • Withdraw consent at any time

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

9. Cookies

Our website uses cookies to provide a smooth and tailored browsing experience.

You may manage or disable cookies through your browser settings or via our cookie banner.

10. Marketing Communications

Where you have chosen to hear from us, we may send carefully curated updates, offers, or clinic news.

You can opt out at any time using the unsubscribe link or by contacting us directly.

11. Third-Party Links

Our website may include links to external websites. We are not responsible for their content or privacy practices.

12. Updates to This Policy

We may update this policy to reflect changes in our services or legal requirements. The latest version will always be available on our website.

13. Contact

For any privacy-related enquiries, please contact:

Dr Layla Clinic
Email: contact@drlaylaclinic.co.uk