top of page

UK GDPR Privacy Policy

Dr Kal Skin

Effective Date: 17/07/2025

1. Introduction

This Privacy Policy explains how Dr Kalyan Skin ("we", "our", "us") collects, uses, shares, and protects your personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We are committed to ensuring the privacy and confidentiality of all personal information we process.


2. Data Controller

Dr. J. Kalyan

Email: info@drkalskin.co.uk]

Website: www.drkalskin.co.uk


3. What Personal Data We Collect

We may collect and process the following types of personal data:

  • Identity Data: Full name, date of birth, gender

  • Contact Data: Address, email, telephone number

  • Medical Data: Health history, treatment notes, referral information

  • Payment Information: Billing address, card details (processed securely via third-party providers)

  • Marketing Preferences: Communication preferences, consents


4. How We Collect Your Data

We collect data:

  • Directly from you (via consultations, forms, emails, or calls)

  • Through referrals from other healthcare professionals

  • Via our website or booking platforms


5. Lawful Basis for Processing

Under the UK GDPR, we process your data on the following lawful bases:

  • Consent – where you have given clear consent

  • Contractual necessity – to provide you with treatment or related services

  • Legal obligation – compliance with legal or regulatory requirements

  • Vital interests – where necessary to protect life

  • Legitimate interests – where justified, unless your rights override ours


6. How We Use Your Data

Your data is used for:

  • Medical consultations, diagnosis, and treatment

  • Clinical documentation and record-keeping

  • Appointment scheduling and reminders

  • Billing and payment processing

  • Referral to or communication with other medical professionals

  • Responding to enquiries, complaints, or reviews

  • Regulatory compliance and auditing

  • Marketing (with your explicit consent)


7. Sharing Your Data

We may share your data with:

  • Medical professionals (only with your consent or where necessary)

  • Laboratories or diagnostic services

  • IT and software providers (e.g., booking systems, medical record platforms)

  • Payment processors

  • Regulatory bodies (e.g., CQC, GMC)

  • Insurers or legal representatives, if required

We never sell your data or share it for non-clinical purposes without your consent.


8. Data Retention

We retain your personal data in accordance with:

  • Medical record retention guidance (e.g. minimum 8 years for adult records)

  • Legal obligations and professional standards

After these periods, data is securely destroyed or anonymised.


9. Your Rights

You have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request erasure (‘right to be forgotten’)

  • Restrict or object to processing

  • Request data portability

  • Withdraw consent at any time (where processing is based on consent)

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

Visit https://ico.org.uk for more information.


10. Security of Your Data

We use robust technical and organisational measures to protect your data, including:

  • Secure patient management systems

  • Password-protected devices

  • Encryption of digital files

  • Confidential waste disposal for paper records

  • Staff trained in data protection


11. Cookies and Website Privacy

Our website may use cookies to enhance user experience and collect anonymised analytics data. You can manage cookie preferences via your browser settings.


12. Contact Us

If you have any questions or concerns about how your data is handled, or wish to exercise your rights, please contact:

Email: info@drkalskin.co.uk

Website: www.drkalskin.co.uk

bottom of page