Last reviewed: November 2025
Next review: November 2026
Location: Tadley, Hampshire, UK

At The Facial Sanctuary, your privacy and trust are incredibly important to me.
This Privacy Policy explains how I collect, use and protect your personal information, in accordance with the UK General Data Protection Regulation (UK GDPR) and professional industry guidelines.

1. Who Am I?
My name is Stephanie Ward and I'm a fully qualified facial therapist and Tropic Skincare Ambassador based in Tadley, Hampshire. I provide bespoke holistic facials designed to support healthy skin, relaxation and emotional wellbeing.

2. What Information I Collect
Depending on how you interact with me, I may collect:
Your name, phone number, email address and home address
Medical or skincare history, allergies, current medications and treatment preferences
Consultation forms, treatment notes and appointment details
Payment information (processed securely and never stored)
Marketing preferences (if you choose to opt in)
Website usage data such as cookies or analytics information (see Section 8)

3. How and Why I Use Your Data
Your personal information is used only to:
Deliver safe, tailored treatments and monitor progress
Manage bookings and send appointment confirmations or reminders
Communicate aftercare information or respond to your queries
Comply with insurance, accounting and tax obligations
Share news, offers or updates only if you’ve given consent
I do not sell or share your information with third parties for marketing purposes

4. Lawful Basis for Processing
I process your data under the following lawful bases:
Consent – when you have given permission for me use of your data for a specific reason
Contract – to provide a treatment or service you’ve booked
Legal obligation – to meet UK tax, insurance or healthcare regulations
Vital interests – in rare cases, to protect your life or health in an emergency (e.g. a medical emergency)

5. Your Rights
Under UK GDPR, you have the right to:
Access the personal data I hold about you
Request correction of inaccurate or incomplete information
Ask for your data to be deleted (unless retention is required by law)
Restrict or object to certain types of processing
Request transfer of your data to another provider
To make a request, contact me at: hello@thefacialsanctuary.co.uk

6. Data Storage & Retention
Client treatment records are stored securely and kept for 8 years after your last appointment (or until age 25 if you’re under 18), in line with professional insurance and healthcare regulations.
Financial and booking data is stored for 6 years to comply with HMRC.
Enquiries or email communications are stored for up to 2 years, or deleted upon request.

7. Third Parties & Data Sharing
I only share your information where necessary and with your consent, such as:
Booking software (Ovatu)
Payment processors (e.g. Stripe, Square)
HMRC for accounting purposes
A GP or health professional - only with your written consent or in an emergency
All third-party services used are GDPR-compliant and under contract to protect your data.
Email/newsletter systems (for optional updates)
Tropic Skincare, if you choose to place an order
Accountants or HMRC, for tax purposes

8. Cookies & Website Analytics
This website may use cookies and analytics tools like Google Analytics to understand visitor behaviour and improve site experience. These tools may collect:
Your IP address
Device and browser type
Pages visited and time spent
This data is anonymised and not used to personally identify you. You can disable cookies through your browser settings.

9. Data Security
Your information is stored securely using encryption, password protection and/or locked physical storage. Only I have access to your full consultation or health records.

10. Data Breaches
If a data breach occurs that may affect your rights or freedoms, I will notify the Information Commissioner’s Office (ICO) within 72 hours and contact any affected individuals if required.

11. Contact & Complaints
If you have any questions or concerns about this policy and how your data is handled, please contact:
 hello@thefacialsanctuary.co.uk  07947 820189

If you remain unhappy, you can raise a complaint with the ICO:
 www.ico.org.uk   0303 123 1113