PrivacyPrivacy Policy
Cosmetic physician Ayleen The attaches great importance to the protection of your personal data and medical records. In this privacy policy, we explain what data we collect, why we do so and how we handle it. We process personal data in accordance with the General Data Protection Regulation (GDPR).
What personal data do we process?
We process personal data that you provide to us yourself or that is necessary for carrying out a treatment.
Identity data
- Name, date of birth, gender
Contact details
- Address, telephone number, email address
Medical data
- Medical history
- Medication use
- Allergies
- Contraindications
- Treatment records
- Photos (before and after treatments, only with consent)
Financial data
- Payment and invoicing details
Technical data
- IP address
- Website usage data (cookies, where applicable)
Purposes of data processing
We process personal data exclusively for the following purposes:
Legal bases for processing
Personal data is processed on the basis of one or more of the following legal grounds:
- Performance of the treatment agreement
- Legal obligation
- Explicit consent of the client
- Legitimate interest (e.g. practice management and administration)
Data controller
Cosmetic physician Ayleen The is responsible for the processing of personal data as described in this privacy policy.
For questions about privacy, you can contact us via the contact details on the website.
Medical file
A medical file is created for each client. This file contains medical and treatment-related information.
The medical file is kept for as long as legally required. For medical files, a statutory retention period of at least 20 years applies.
Photos and visual material
Before and after photos are only taken and used with your explicit consent.
This may include:
- Medical file management
- Treatment planning and evaluation
Use of photos for marketing or educational purposes only takes place after separate written consent.
Sharing personal data with third parties
We only share personal data with third parties if this is necessary for the performance of our services or to comply with a legal obligation.
This may include:
- Software providers for files and appointments
- Administration or accounting
- Payment providers
With parties that process personal data on our behalf, we enter into processing agreements to ensure security and confidentiality. We never sell your data to third parties.
Retention periods
Personal data is not retained for longer than necessary for the purpose for which it was collected, unless a statutory retention obligation applies.
Medical files are kept for at least 20 years, in accordance with statutory requirements.
Cookies and website usage
The website may use functional and analytical cookies to ensure the website functions properly and to improve it.
If marketing cookies are used, this only happens with your consent. More information can be found in the cookie policy, where applicable.
Changes to this privacy policy
Cosmetic physician Ayleen The reserves the right to modify this privacy policy. The most current version is always available on the website.
Security
We take appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access or disclosure.
- Secured software
- Limited access to medical files
- Confidentiality obligation
- Encrypted storage where applicable
Your rights
You have the right to:
- Access your personal data
- Have your data corrected
- Have your data deleted (to the extent legally permitted)
- Restrict processing
- Object to processing
- Withdraw your consent
- File a complaint with the Data Protection Authority
A request can be submitted via the contact details on the website. We will respond within the statutory period.
Questions about privacy?
For questions about this privacy policy or about the processing of personal data, you can contact us via the contact details on the website.