Privacy policy.

The Rejuvenation Rooms
Operated by Jen Barclay, RN, Independent Nurse Prescriber
Last updated: JANUARY 2026

1. Introduction

The Rejuvenation Rooms is committed to protecting your privacy and safeguarding your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website, contact us, or receive treatment with us.

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and all applicable healthcare and regulatory standards.

2. Who We Are (Data Controller)

For the purposes of data protection law, the data controller is:

Jen Barclay, RN, Independent Nurse Prescriber
The Rejuvenation Rooms
Address: TRINITY YARDS, 59 ST LEONARDS `RD, WINDSOR, SL4 3BX
Email: [insert email address]
Telephone: 07595 543406

3. Personal Data We Collect

We may collect and process the following categories of personal data:

a) Identity & Contact Information

  • Full name

  • Date of birth

  • Gender (where clinically relevant)

  • Email address

  • Telephone number

  • Postal address

b) Medical & Health Information (Special Category Data)

  • Medical history and health questionnaires

  • Medication history

  • Allergies and contraindications

  • Consultation notes and clinical records

  • Treatment details and outcomes

  • Before-and-after photographs (only with explicit consent)

c) Appointment & Communication Data

  • Appointment bookings and attendance history

  • Emails, messages, or telephone correspondence

  • Aftercare and follow-up communications

d) Website & Technical Data

  • IP address

  • Browser type and device information

  • Pages visited and usage data

  • Cookies and similar technologies

4. Lawful Basis for Processing Your Data

We process personal data under the following lawful bases:

  • Consent – for marketing communications, photography, and optional services

  • Contract – to provide consultations and treatments you book

  • Legal obligation – to comply with healthcare, insurance, and regulatory requirements

  • Vital interests – to protect your health or safety

  • Legitimate interests – for clinic administration, service improvement, and fraud prevention

Special category (health) data is processed under Article 9(2)(h) UK GDPR for the provision of healthcare and medical treatment.

5. How We Use Your Information

We use your personal data to:

  • Deliver safe, appropriate, and personalised aesthetic treatments

  • Conduct medical consultations and assessments

  • Maintain accurate clinical records

  • Manage appointments and communicate with you

  • Provide aftercare and follow-up support

  • Process payments and maintain financial records

  • Meet professional, legal, and regulatory obligations

  • Improve our services and website functionality

We do not sell or rent your personal data to third parties.

6. Marketing Communications

With your explicit consent, we may contact you about:

  • Appointment reminders

  • Aftercare information

  • Clinic updates

  • New treatments or special offers

You may withdraw consent at any time by contacting us or using the unsubscribe option included in our communications.

7. Sharing Your Personal Data

We only share your data where necessary and lawful, including with:

  • Other healthcare professionals involved in your care (where appropriate)

  • Pharmacies or laboratories (where clinically required)

  • Professional advisers (e.g. accountants, insurers)

  • Regulatory or legal authorities where required by law

All third parties are required to handle your data securely and in compliance with UK GDPR.

8. Data Security

We take appropriate technical and organisational measures to protect your data, including:

  • Secure electronic record systems

  • Restricted access to medical and sensitive information

  • Password protection and encryption where applicable

  • Secure storage of paper records

While we take all reasonable precautions, no system can be guaranteed to be completely secure.

9. Data Retention

We retain personal data only for as long as necessary:

  • Medical records are retained in line with professional and legal requirements (typically a minimum of 7 years)

  • Financial records are retained as required by HMRC

  • Marketing data is retained until consent is withdrawn

When data is no longer required, it is securely deleted or anonymised.

10. Your Rights Under UK GDPR

You have the right to:

  • Access your personal data

  • Request correction of inaccurate or incomplete data

  • Request erasure of your data (where applicable)

  • Restrict processing of your data

  • Object to processing

  • Request data portability (where applicable)

  • Withdraw consent at any time

To exercise your rights, please contact us using the details above.

11. Cookies

Our website uses cookies to improve functionality and user experience. You can control or disable cookies through your browser settings. Further details can be found in our Cookie Policy.

12. Complaints

If you are unhappy with how your data has been handled, you have the right to complain to the Information Commissioner’s Office (ICO):

Website: https://www.ico.org.uk
Telephone: 0303 123 1113

We encourage you to contact us first so we can try to resolve your concerns.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law or our practices. The most current version will always be available on our website.

14. Contact Us

If you have any questions about this Privacy Policy or how your data is handled, please contact:

Jen Barclay, RN, Independent Nurse Prescriber
The Rejuvenation Rooms
Email: info@therejuvenationrooms.co.uk