Privacy policy
The Hairology Centre is the controller of your personal information. We provide independent healthcare services in the form of the following regulated activity:
- Treatment of hair loss conditions - This includes private outpatient consultations in relation to hair loss treatments, physical examinations, prescribing of medicines, dispensing medicines and referrals to other healthcare specialists as necessary.
The clinic staff and healthcare professionals who provide you with care and support about your health condition maintain records about all aspects of your health and lifestyle. These records help The Hairology Centre to provide you with the best possible healthcare.
How do we collect information from you?
We collect information when you register as a new patient at The Hairology Centre and we ask you to complete a registration form and answer some questions about your personal health. Once you see a clinician during your appointment, the clinician will create a medical record about your personal health.
What type of information do we collect from you?
The personal information we collect includes your name, date of birth, home address, email address, contact telephone number, emergency contact details, and credit or debit card payment information. If you have attended The Hairology Centre for an appointment in the past, we will have a record of that previous contact.
The medical information our clinicians collect is specifically about your personal health. This includes information about your past medical history, hair loss type, hair loss images, any current medicines you are taking, and a description of the health issue that you are experiencing. If you have any tests carried out such as blood tests, we will keep the test results in your healthcare record. If you have been referred to a healthcare specialist outside of The Hairology Centre, we will keep any correspondence from the specialist in your healthcare record. This includes information submitted through online consultation.
Your credit or debit card information is used to allow The Hairology Centre to receive payment for your appointment.
Your medical information is used by our hair loss specialists to recommend the best treatment for the hair loss you are experiencing.
We use patients’ healthcare records to audit and monitor the quality of The Hairology Centre service. For example, we may audit the records of patients who have had a particular treatment to see how well it has worked. When we carry out any audits, we never use any information that could identify a patient such as a name, address, or date of birth.
Who has access to your information?
Only The Hairology Centre staff have access to the processing of your personal and medical information. Every member of staff who works for The Hairology Centre has a legal obligation to keep information about you confidential. Our staff include medical practitioners, pharmacists, managers, and reception staff.
Your medical information and identity details are used to provide quality and continuity of care. Our customer service might also need to access your record in order to assist you in your query and verify your identity before releasing any information to you.
Our IT department might need to access your account if there is a technical issue to solve or in order to enhance the tools we’re using.
The compliance/legal team might also access your information in order to send you data when you make a data subject request.
All our staff are bound by strict confidentiality undertakings and have had initial and ongoing data protection training.
The Hairology Centre implements an access rights policy that allows access to the data only on a need-to-know basis.
With third parties and processors:
Like most companies, we use a number of suppliers as part of our data processing, for example cloud services and technology services carriers.
For marketing purposes, research and analytics, we also use suppliers such as email platform providers, analytics software and survey tools.
We have Data Processing Agreements in place with these providers to secure the use of your data by these suppliers.
If data is transferred from the UK to the EEA or from the EEA to the UK, it is done on the basis that the countries receiving the data have a data protection regime comparable to that of the country sharing the data (adequacy).
Where data is transferred outside of the EEA, we ensure that appropriate protection and mechanisms are in place, for example with Standard Contractual Clauses with additional due diligence.
In order to provide the medical service to you and for security purposes, we need to share your personal data with third parties including payment providers.
As regulated healthcare providers, we might need to disclose some of your information, including personal data and medical data, to parties including but not limited to:
- The General Pharmaceutical Council, the medical regulator who inspects our service and premises.
- Your GP with your consent or based on your vital interests.
Finally, we may need to share your information for legal reasons:
- Should we sell or buy any business or assets, we may need to share your data with the future seller or buyer.
- If we are asked to share your personal data as a result of a court order, legal processing or any other legal obligation.
- To protect the rights, property, or safety of The Hairology Centre, our patients, suppliers and partners, or others. This includes exchanging information for fraud protection, reducing credit risk and verifying your identity by an ID&V provider.
Rest assured, we only share information that is absolutely necessary and we go to great lengths to make sure everyone we work with takes your privacy as seriously as we do.
Medical records
We follow the NHS Records Management Code of Practice for Health and Social Care 2016. Note that the records include your identity data, medical data and contact details and the messages exchanged with our practitioners and customer service.
When you give us your personal information, we take steps to ensure that it is treated securely. Any information we hold about you in paper format is held securely in locked filing systems. Any information we hold about you in electronic format is held securely on our computer system and backed up externally with our data protection providers who have no access to your data.
Account details
If you registered with us and have not ordered any service, we will retain this data until you notify us that you want to stop using our service and ask for your data to be deleted, unless we have a legal or regulatory reason to keep it.
If you’ve ordered from us or had any exchanges with our clinicians about your health or if you are making any claim, we will keep these data as per the paragraph above (Medical Records) and in order to defend our rights and interests in case of a dispute or a claim.
Note that the account cannot be deleted, only suspended, which means that access is revoked. If we have no reason to keep the data as explained above, we will anonymise the account.
Research
If you have provided your data for research purposes, we retain the data for 4 years. After 4 years, the data is anonymised and so no longer falls under the data protection regulations.
Analytics
Data about the usage of our services and technical data used for analytics are retained in a pseudonymous manner for as long as you have a non-suspended account with us or until you exercise a right to erasure.
In the context of the pandemic, the Secretary of State in the past has required health organisations amongst other entities to share confidential patient information to respond to the Covid-19 outbreak based on reasons of public interest in the area of public health, and research in the public interest.
Any information used or shared during any Covid-19 outbreak will be limited to the period of the outbreak unless there is another legal basis to use the data.
Where data is used and shared under these laws, your right to have personal data erased will also not apply.
We may share your confidential patient information including, but not limited to, your name, ethnicity, NHS number, test results with health and care organisations and public bodies engaged in disease surveillance for the purposes of protecting public health including the UK government.
We may also use the details we have to send public health messages to you, either by phone, text or email, and/or to follow up on a Covid-19 test you’ve done.
Your personal/confidential patient information will be safeguarded in the same way it would with any other consultation. We will not collect more information than we require and we will ensure that any information collected is treated with the appropriate safeguards.
If any usage and technical data are linked to you directly once you register with us, we will keep them until you ask for the deletion of your data or until you inform us that you want to stop using our services.
Website Browsing Privacy Notice
As a user of our Website and depending on the cookie preferences you gave, we may collect your individual usage data which includes information about how you use our website, products and services. This is used to create aggregated data.
If cookies are loaded, we will process information about the pages you have visited, your searches on our website, load and download times, time spent on our pages, interaction with the page (click, scrolling, mouse-overs) and what led you to our website (link in an article, Google search etc.).
We perform analytics based on this data. Performing analytics is vital for us to understand how you interact with our website and various services in order to improve them and to give you a good user experience.
We do not use your browsing data to predict or make any assumptions about you.
Aggregated data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data that will be used in accordance with the patient privacy notice.
Our lawful basis for processing your data is legitimate interest for security purposes and for business purposes.
Research Participant Privacy Notice
If you are a research participant of The Hairology Centre, we hold the information you provide when answering a survey or participating in an interview, face to face or remotely.
We hold personal data and aggregated data such as statistical or demographic data.
Once data is aggregated it is not considered personal data, as you cannot be identified from it, directly or indirectly. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with the patient privacy notice.
We use these data in order to continually get feedback on our services and understand our customers’ expectations and experiences.
When you use our website we also collect additional information.
Lawful basis for processing
Our lawful basis for processing your data is based on legitimate interest or consent depending on the type of research made.
If you provided consent, you may withdraw this consent at any time by emailing customer services.
We do not share your information with any third parties for marketing purposes.
For security, CCTV images and recordings are collected automatically when you visit the clinic.
Retention Periods
We will keep your data for the duration of our contract and for a period of 7 years after the end of our relationship, or longer if subject to a legal/regulatory obligation.
By agreeing to this privacy notice, you are giving The Hairology Centre permission to process your personal data specifically for the purposes identified. You are able to withdraw your consent at any time.