Endo Package 1 - Face only GBP 995 (list value GBP 2,000+)Package 3 - Morpheus8 + PRP or Exosomes GBP 1,995Package 4 - Ultimate lift + regeneration bundle GBP 2,995Book a consultation-led consultation to confirm suitability
Back to Home

Privacy Policy

Effective date: 1 April 2026 · United Kingdom

Who We Are (Data Controller)

Aesthetics by KK is led by Kiran Kaur and serves patients in Canary Wharf and Birmingham. For UK data protection law (UK GDPR and the Data Protection Act 2018), the data controller is the legal entity operating this website and clinical services at Aesthetics by KK. Privacy enquiries: info@aestheticsbykk.clinic. You may also lodge a complaint with the Information Commissioner's Office (ICO) (UK supervisory authority).

Data We Collect

We may collect identity and contact details (name, email, phone), consultation and enquiry data (goals, concerns, preferences, and health screening responses where you provide them), booking and payment-related identifiers where you use our checkout or scheduling tools, messages you send us via WhatsApp Business or other channels we operate, and technical data (device/browser information, cookies, and analytics as described in our Cookie policy).

How We Use Data

We use your data to respond to enquiries, provide pre-consultation guidance, manage bookings and payments where applicable, operate our website and WhatsApp Business communications with appropriate human oversight where we offer them, maintain safety and record-keeping standards, and improve service quality. Automated tools may assist with drafting responses; they do not replace clinical judgement or emergency care.

Lawful Basis and Special Category Data

We process personal data under UK GDPR lawful bases such as consent, legitimate interests, and (where relevant) performance of a contract. Where you voluntarily provide health-related information, we treat it as special category data and apply appropriate conditions, minimisation, and confidentiality controls.

Processors and Third Parties

We use reputable service providers who process data on our instructions (processors), for example: website and database hosting; email and transactional messaging; payments; scheduling; analytics; and WhatsApp Business / Meta infrastructure where you contact us on WhatsApp. Those providers may process data in the UK, EEA, or other countries with appropriate safeguards (such as UK adequacy regulations or standard contractual clauses) where required. Their own privacy notices also apply to their platforms.

Retention and Security

We retain data only as long as necessary for clinical, legal, regulatory, and operational purposes (including dispute resolution and accounting). We use technical and organisational measures designed to protect personal data from unauthorised access, alteration, disclosure, or loss.

Your UK Rights

Subject to applicable exemptions, you may have the right to: access your personal data; rectify inaccuracies; erase data in certain circumstances; restrict processing; object to processing based on legitimate interests (including direct marketing); data portability where processing is automated and based on contract or consent; and withdraw consent where processing is consent-based. To exercise these rights, contact us using the details below. You may also complain to the ICO.

How to Request Deletion of Your Data

If you want us to delete or anonymise personal data we hold about you (including enquiry, booking, CRM, or WhatsApp conversation data tied to your phone number or email where we can reasonably identify you), email info@aestheticsbykk.clinic from the address or number associated with your request where possible, with the subject line Data deletion request. Please include enough detail for us to locate your records (for example your full name, phone number in international format, and approximate date of contact).

We will confirm receipt where appropriate and respond within one month in line with UK GDPR, or explain if we need longer in complex cases. We may retain certain information where the law requires us to (for example clinical records, financial records, or information needed to establish, exercise, or defend legal claims).

Meta / WhatsApp: If you use WhatsApp, Meta also processes data on its own terms; you may exercise rights with Meta separately. These instructions describe how to ask Aesthetics by KK to delete data we control in our systems.

Contact

For privacy and data protection requests (including access, correction, deletion, or objections), email info@aestheticsbykk.clinic or write to us at our clinic address shown on this website. This policy is provided for transparency; it does not constitute legal advice. For deletion instructions only, you may also use our dedicated data deletion page.