Privacy Policy
Last Updated: 12th January 2025
1. Introduction
Luenire Ltd (“Company”, “we”, “us”, or “our”) respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.luenire.co.uk, engage with us online, or receive our in-clinic spa and aesthetic services.
We are registered in England and Wales under company number 14273527 , and our registered office is located at:
Floor 4, 160 Broad Street,
City Centre,
Birmingham,
B15 1DT.
Contact Information:
Phone: 0121 751 9003
Email: info@luenire.co.uk
By using our services or accessing our website, you consent to the practices described in this policy.
⸻
2. Information We Collect
We may collect and process the following personal data:
a. Identity Data
• Full name
• Date of birth
• Gender
b. Contact Data
• Email address
• Phone number
• Billing and mailing address
c. Medical and Treatment Data
• Medical history and conditions
• Allergies and contraindications
• Treatment preferences and notes
• Consent forms and treatment records
d. Transaction Data
• Details of payments made
• Appointment history
• Purchase records (products and services)
e. Technical Data
• IP address
• Browser type and version
• Time zone setting and location
• Operating system, platform, and other technology on the devices you use
f. Usage Data
• Information about how you use our website, services, and products
g. Marketing and Communications Data
• Your preferences in receiving marketing from us and your communication preferences
⸻
3. How We Collect Your Data
We collect data from and about you through:
• Direct interactions (booking appointments, completing forms)
• Automated technologies (cookies, server logs)
• Third parties (e.g., payment providers, analytics providers, social media platforms)
⸻
4. How We Use Your Data
We will only use your personal data when legally permitted. The most common uses include:
• To provide spa and aesthetic services
• To manage bookings and customer accounts
• To comply with health and safety requirements
• To manage payments and collections
• To notify you about changes to our terms or policies
• To send promotional offers, newsletters, and service updates (with your consent)
• To analyze and improve our services and user experience
⸻
5. Lawful Basis for Processing
We rely on the following lawful bases for collecting and using your personal data:
• Consent – for marketing and where explicit consent is needed (e.g., processing health data)
• Contract – to fulfil our obligations under a contract with you
• Legal obligation – for compliance with applicable laws and regulations
• Legitimate interests – to operate and grow our business while ensuring your rights are protected
⸻
6. Sharing Your Personal Data
We may share your information with the following, only when necessary and under strict data protection obligations:
• Service providers (e.g., IT support, booking systems, payment processors)
• Professional advisers (e.g., legal, insurance, accounting)
• Regulatory authorities (e.g., CQC, HMRC)
• Law enforcement if required by law
We do not sell or rent your personal data to third parties.
⸻
7. Data Security
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk. Measures include:
• SSL encryption on our website
• Secure storage of treatment and consent forms
• Access controls and staff confidentiality agreements
• Routine data backups
Despite our efforts, no electronic transmission or storage system can be guaranteed 100% secure. You use our services at your own risk.
⸻
8. Data Retention
We will retain your personal data only as long as necessary to fulfil the purposes we collected it for, including for legal, accounting, or reporting requirements.
In general:
• Medical and treatment records: 7 years from date of last treatment (or longer for minors)
• Marketing data: until you withdraw consent
• Transactional data: 6 years per HMRC guidance
⸻
9. Your Data Protection Rights
Under the UK GDPR, you have the following rights:
• Right to access – You can request copies of your personal data
• Right to rectification – You can request correction of inaccurate or incomplete data
• Right to erasure – You can request deletion of your data in certain circumstances
• Right to restrict processing – You can request the processing of your data to be limited
• Right to data portability – You can request your data be transferred to you or another provider
• Right to object – You can object to the processing of your data, particularly for marketing
• Right to withdraw consent – You can withdraw consent at any time
To exercise any of these rights, contact us at:
Info@luenire.co.uk or 📞 0121 751 9003
⸻
10. Marketing and Communications
If you opt-in, we may contact you with offers, updates, and promotions. You can opt-out anytime by:
• Clicking the unsubscribe link in emails
• Contacting us directly
We will never spam you or share your marketing data without consent.
⸻
11. Cookies
Our website uses cookies to improve functionality and user experience. Cookies help us analyze traffic, personalize content, and remember preferences. You can manage cookie preferences in your browser settings.
For detailed information, see our Cookie Policy.
⸻
12. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. Please review their privacy policies before providing any personal data.
⸻
13. Changes to This Policy
We reserve the right to update this privacy policy at any time. The most recent version will be posted at www.luenire.co.uk/privacy-policy. If the changes are significant, we will notify you via email or website notice.
⸻
14. Contact Details
For all privacy-related matters, data access requests, or complaints, contact:
Data Protection Officer
Luenire Ltd
Floor 4,
160 Broad Street
City Centre
Birmingham
B15 1DT
0121 751 9003