At the Dr Joney De Souza Skin & Laser, we understand the importance of ensuring that the personal information entrusted to us is protected and respected at all times. All personal data is handled in accordance the Data Protection Act 1998 and General Data Protection Regulation 2018.

Dr Joney De Souza Skin & Laser is registered in England with company number 09321934. Our registered office and trading address are at 49 Blandford Street, Marylebone, London, W1U 7HH.

This privacy policy sets out the basis on which the personal information we collect from you, or that you provide to us, will be processed by the Dr Joney De Souza Skin & Laser.


What Information Is Collected What We Do With Your Information

When enquiring, to provide the information requested in response to your enquiry, to schedule appointments and when attending an appointment: names, address, email address, phone number and date of birth,

To support and document your treatment provision: names, address, email address, phone number, date of birth, medical history and photograph(s)

As a legal requirement, failure to provide us with this information will result in us being unable to provide prescriptive treatments.

Information we collect automatically: all telephone calls are recorded.

For quality and training purposes to improve the service we provide

At each visit you make to our website we will automatically collect technical information including your Internet Protocol (IP) address, browser type and version, time zone setting, browser plug-in types and version, operating system and platform.

Information about your visit including the full Uniform Resource Locators (URL), clickstream to, through and from our Site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs) and methods used to browse away from the page.

For legitimate business interests including the upkeep, maintenance and improvement of our website

We may also use this information for some or all of the following reasons:

  • To inform decisions about how our business is run
  • To notify you about changes to our service
  • To send you text and/or email notifications to remind you of appointments booked with us
  • To contact you for post-treatment follow up and care, including survey requests in order to improve our service
  • Where you have opted-in to receive marketing communications, to contact you to provide information regarding other treatments or services that we think may be of interest to you.


We take our obligations under the Data Protection Act 1998 and the General Data Protection Regulation 2018 very seriously.

Any information you provide to us will be kept confidential and only disclosed to the individuals involved with delivering your care.

At times, we may share your personal information with:

  • Other members of the Dr Joney De Souza Skin & Laser team as part of your ongoing care provision, or to monitor and improve the business performance.
  • Selected third parties such as Wigmore Medical or Healthxchange Pharmacy for prescriptive purposes. Opting out of sharing your information with these providers for prescriptive purposes will impair our ability to treat you.
  • Our IT or software providers when seeking technical assistance.

There may also be circumstances where we are under a duty to disclose or share your personal information in order to comply with any legal or regulatory requirement, obligation or request. This may include the police for the prevention or investigation of a crime, our Insurers, legal advisors or other third parties who need access to your information in the context of managing, investigating or defending claims or complaints.


We cannot guarantee that the information you send us over the internet is secure, but once we receive it we will take all reasonable steps to protect the information you supply to us. All data is stored inside of the European Economic Area, with backups of electronically stored data taken regularly and strong encryption used to protect all files.

Under the General Data Protection Regulation 2018, we will only hold personal identifiable data for the maximum retention periods:

  • Job applications and unsuccessful interview candidates – 6 months
  • Employee Records – 6 years following termination of contract
  • Medical (Aesthetic) Records – 7 years following last appointment
  • Marketing Enquiries and Emails – 6 months
  • Financial Records – 7 years
  • CCTV footage – 2 weeks
  • Telephone Calls – 1 month


We employ CCTV in the public areas of the clinic to aid the security of our staff, clients and premises. CCTV cameras are not in use in our treatment rooms and do not have audio recording.

CCTV footage is held for a maximum of two weeks and may be requested as part of a Subject Access Request. We may at times disclose CCTV footage for the prevention or investigation of a crime, or for legal purposes including the defence of claims or complaints.


We record all telephone calls in order to monitor and improve the service we offer.


Our Site uses cookies to distinguish you from other users of our Site. We use this information to monitor and analyse your experience of our Site and make appropriate improvements.

Where you provide permission, cookies may be stored on the hard drive of your computer. Cookies can be blocked by activating the setting on your browser, however you may not be able to access all or parts of our Site.


You have the right to ask us not to process your personal information.  Should you withdraw consent for the processing of personal data from your treatment records, we will be unable to continue to provide prescriptive treatments.

You have the right to ask us not to process your personal information for marketing purposes. We will only contact you for marketing purposes if you have elected to receive marketing text messages or emails. Should you wish to stop receiving marketing communications from us, you can let us know by email to

Our website contain links to and from third party websites. Dr Joney De Souza Skin & Laser does not accept any responsibility or liability for the safety or security of personal data entered into any third party website it is linked to.

In some circumstances, you have the right to be forgotten and we will erase all data held about you. Treatment records are exempt from erasure before our maximum retention period. Requests for erasure should be made in writing to info@drjoneydesouza.comand will be assessed on a case by case basis.


Under the General Data Protection Regulation 2018 you have the right to access information held about you.  Requests should be made in writing to the Medical Director, 49 Blandford Street, Marylebone, London, W1U 7HH.

Records will be supplied in an electronic format within 1 month of receipt of the Subject Access Request and will be subject to identification checks. Whilst there is no charge for the first copy of your record, we reserve the right to charge a small administrative fee for all subsequent copies of the same record.


Questions, comments and requests regarding this privacy policy should be addressed to the Medical Director, 49 Blandford Street, Marylebone, London, W1U 7HH.

You have the right to complain to a supervisory authority if you feel that we have breached the terms outlaid in our Privacy Policy. Complaints can be made to the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF or further information can be found at

This privacy policy was last updated on 24th January 2019.