This Privacy Policy explains how Nivaris Ltd trading as Dr Nabil Jetha Clinic ("we", "us", "our", "the Clinic") collects, uses, stores, and protects your personal information when you use our website, book appointments, receive treatments, or purchase products from us.

We are committed to protecting your privacy and handling your data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Nivaris Ltd trading as Dr Nabil Jetha Clinic is the data controller responsible for your personal data.

Company: Nivaris Ltd
Trading as: Dr Nabil Jetha Clinic
Email: contact@drnabiljetha.com

2. Information We Collect

We may collect and process the following types of personal information:

2.1 Information You Provide

Identity data: name, title, date of birth, gender
Contact data: email address, telephone number, postal address
Medical data: medical history, allergies, medications, previous treatments, photographs (before/after), treatment records
Financial data: payment card details, billing address, transaction history
Account data: username, password, preferences, membership information
Communication data: correspondence with us, feedback, reviews

2.2 Information Collected Automatically

Technical data: IP address, browser type and version, device information, operating system
Usage data: pages visited, time spent on site, click patterns, referring website
Cookie data: see our Cookie section below

3. How We Use Your Information

We use your personal data for the following purposes:

To provide treatments and services: assessing suitability, delivering treatments, providing aftercare, maintaining treatment records
To process orders: fulfilling product purchases, processing payments, arranging delivery
To manage your account: maintaining your membership, applying credits and discounts, sending appointment reminders
To communicate with you: responding to enquiries, sending confirmations, providing updates about your appointments
To improve our services: analysing website usage, gathering feedback, enhancing user experience
To send marketing communications: newsletters, promotions, and offers (only with your consent)
To comply with legal obligations: maintaining medical records, responding to regulatory requirements

4. Legal Basis for Processing

Under UK GDPR, we rely on the following legal bases to process your personal data:

Contract: processing necessary to fulfil our contract with you (e.g., providing treatments, processing orders)
Consent: where you have given clear consent (e.g., marketing communications, before/after photographs)
Legal obligation: processing necessary to comply with the law (e.g., maintaining medical records)
Legitimate interests: processing necessary for our legitimate business interests (e.g., improving services, fraud prevention)
Vital interests: processing necessary to protect your life or health in an emergency

For special category data (health and medical information), we rely on explicit consent and the provision of health care services.

5. Data Sharing

We may share your personal data with:

Service providers: payment processors, booking platforms, email services, IT support
Professional advisers: accountants, lawyers, insurers where necessary
Regulatory bodies: where required by law or professional obligation
Other healthcare providers: where necessary for your care (with your consent)

We do not sell your personal data to third parties. We require all third parties to respect the security of your data and to treat it in accordance with the law.

6. International Transfers

Your data is primarily stored and processed within the UK and European Economic Area (EEA). Where we transfer data outside the UK/EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

Medical records: retained for a minimum of 10 years from your last treatment (or longer where clinically appropriate)
Transaction records: retained for 7 years for tax and accounting purposes
Marketing preferences: retained until you withdraw consent
Website analytics: retained for up to 26 months

8. Cookies

Our website uses cookies to enhance your browsing experience. Cookies are small text files placed on your device that help us:

Remember your preferences and settings
Understand how you use our website
Improve our website and services
Provide relevant content and advertising

Types of Cookies We Use

Essential cookies: necessary for the website to function (e.g., shopping cart, login sessions)
Analytics cookies: help us understand how visitors use our site (e.g., Google Analytics)
Marketing cookies: used to deliver relevant advertisements and track campaign performance

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect website functionality.

9. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

Right of access: request a copy of the personal data we hold about you
Right to rectification: request correction of inaccurate or incomplete data
Right to erasure: request deletion of your data in certain circumstances
Right to restrict processing: request limitation of how we use your data
Right to data portability: receive your data in a structured, machine-readable format
Right to object: object to processing based on legitimate interests or for direct marketing
Right to withdraw consent: withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at contact@drnabiljetha.com. We will respond within one month of receiving your request.

10. Marketing Communications

We may send you marketing communications about our treatments, products, and services if you have:

Opted in to receive marketing when booking or making a purchase
Subscribed to our newsletter
Agreed to receive communications as part of your membership

You can opt out of marketing at any time by:

Clicking the unsubscribe link in any marketing email
Contacting us at contact@drnabiljetha.com
Updating your preferences in your account settings

11. Data Security

We have implemented appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include:

Encryption of data in transit and at rest
Secure access controls and authentication
Regular security assessments and updates
Staff training on data protection
Secure disposal of physical and electronic records

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read the privacy policies of any website you visit.

13. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

15. Complaints

If you have concerns about how we handle your personal data, please contact us first at contact@drnabiljetha.com.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection:

Website: ico.org.uk
Telephone: 0303 123 1113

16. Contact Us

For any questions about this Privacy Policy or how we handle your personal data, please contact us:

Email: contact@drnabiljetha.com

This Privacy Policy applies to all personal data collected by Nivaris Ltd trading as Dr Nabil Jetha Clinic through our website, clinic, and related services.

Products

Pages

Articles

Privacy Policy