Who we are
This Privacy Policy provides details of how we collect and process your personal data at Kiam Clinic based in London. It is effective from 11th July 2025 in accordance with the UK General Data Protection Regulation (UK GDPR). We take data protection and confidentiality very seriously and aim to be transparent about how your data is used. We hope this policy answers any questions you may have; however, please refer to the contact details below if you have any further concerns or queries.
Last updated: 22nd September 2025
Information We Collect
- Personal Data
- Consultants: name, email, phone, professional qualifications, insurance details.
- Clients (via consultants): name, contact details, appointment information.
- Booking Data
- Date/time of room bookings, room type—handled through LatePoint Pro.
- Payment Data
- Payment details are only processed via our secure third-party payment gateway (Stripe), and we do not store card details.
- Technical & Usage Data
- IP address, browser/device info, session logs via cookies and analytics (Google Analytics).
How We Use Your Data
We process your information for:
- Managing and confirming room bookings.
- Authenticating consultant accounts.
- Communicating appointment details and reminders.
- Operating, maintaining, and improving our website and services.
- Ensuring security and preventing misuse.
- Fulfilling legal and regulatory obligations.
Legal Bases for Processing
Under UK GDPR, we process data with legal bases including:
- Contract: to provide booking services.
- Legitimate interests: for website functionality, analytics, and security.
- Consent: where required (e.g., non-essential cookies).
- Compliance: responding to legal requests or preventing fraud.
Cookies & Tracking
We use cookies for:
- Essential: core site functionality and LatePoint booking operation.
- Analytics: via Google Analytics or Similar Services to track usage and performance.
- Preferences: to store your cookie consent and site settings.
You can manage or withdraw your cookie consent through browser settings.
Data Sharing & Disclosure
We do not sell, rent, or trade your personal data. We only share it with:
- Service Providers: WordPress host, analytics, and booking plugin support.
- Payment Gateways: solely for secure processing.
- Legal Authorities: if required by law to comply with regulations or legal processes.
All third parties are contractually bound to process your data securely and in compliance with UK GDPR.
International Transfers
All data is stored and processed in the UK/EU. We do not transfer personal data outside the European Economic Area.
Data Retention
We retain:
- Booking and contract-related data for up to 7 years (for legal and tax compliance).
- Consultant account info while accounts are active.
- Analytics and log data for up to 25 months, anonymised where possible.
After retention periods lapse, data is deleted or securely anonymised.
Your Rights
You have the right to:
- Access your data.
- Rectify inaccuracies.
- Erase your data (subject to legal retention obligations).
- Restrict or object to processing.
- Withdraw consent at any time.
- Lodge a complaint with the Information Commissioner’s Office (ICO): Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF; Tel: 0303 123 1113.
Security
We apply technical (SSL, secure hosting) and organisational (training, access controls) measures to protect your data. All staff and processors are GDPR-compliant and contractually obligated to maintain confidentiality.
Children’s Data
Our site is not intended for under-18s, and we do not knowingly collect data from children.
Policy Updates
We may update this policy occasionally. Revised versions will be dated and posted here; significant changes may also be communicated directly.
Contact Information
For any inquiries, exercising your rights, or concerns, please contact:
Kiam Clinic
Address: Kiam Clinic, 13 Worple Road, Epsom, London, KT18 5EP
Email: info@kiamclinic.com
Phone: +44 1372 660580