Privacy Policy
Last updated: 28 August 2025
Who We Are
VODÉRM is a nurse-led aesthetics and skincare clinic in Halifax.
Legal entity: Bronte Sykes trading as VODÉRM (sole trader)
Address: 98 Ovenden Rd, Halifax HX3 5QG, UK
Phone: 01422 756523
Data controller contact: bronte@voderm.co.uk
The Data We Collect
- Identity & contact: name, email, phone, address.
- Enquiry & booking: messages, preferred dates/times, appointment history, deposits.
- Clinical (special category): medical history, medications, allergies, treatment notes and consent, aftercare, before/after photographs (with your consent).
- Payments & accounting: records needed for tax and refunds.
- Technical: basic server and security logs.
- Marketing preferences: newsletter opt-in/out.
How We Collect It
- Directly from you (website forms, email, phone, WhatsApp, in-clinic).
- Via our booking portal operated for us by aestheticnursesoftware.com (for scheduling, deposits, confirmations, and reminders where enabled).
- Through our website hosting and security.
Why We Use It (Lawful Bases)
| Purpose | Lawful basis |
|---|---|
| Reply to enquiries | Legitimate interests |
| Book/manage appointments, send confirmations/reminders, take deposits | Contract / Legitimate interests |
| Provide clinical care and keep medical records | Legal obligation, Vital interests, UK GDPR Art. 9(2)(h) (health care) |
| Payments, invoicing, refunds, tax | Contract / Legal obligation |
| Site security and fraud/spam prevention | Legitimate interests |
| Email newsletters via Mailchimp (optional) | Consent (you can withdraw any time) |
Sharing With Service Providers
We use trusted providers to operate our services (hosting and security, booking portal, email/SMS delivery, Mailchimp for newsletters if you subscribe). They act on our instructions and have appropriate safeguards. We do not sell your data.
International Transfers
Some providers (e.g., Mailchimp) may store data outside the UK. Where that happens, we rely on UK adequacy decisions or Standard Contractual Clauses with additional safeguards.
Retention
- Enquiries (non-patients): 12 months.
- Marketing contacts (Mailchimp): until you unsubscribe or after 24 months of inactivity.
- Clinical records: 8 years after last treatment (or until age 25 if treated while under 18).
- Financial records: 6 years.
Your Rights
You can access, rectify, erase, restrict, object, port your data, and withdraw consent at any time.
To exercise rights, email bronte@voderm.co.uk. You can also complain to the ICO (ico.org.uk | 0303 123 1113).
Age Policy
- Skincare consultations and facials: available to teens with parent/guardian consent (and attendance where appropriate).
- Injectables: 18+ only.
Security
We use appropriate technical and organisational measures (encryption in transit, access controls, staff training). No system is perfect; please avoid sending sensitive medical details over unsecured channels.
Changes
We may update this notice. The latest version will always be here.
Privacy contact: bronte@voderm.co.uk
Ready to Feel Like Your Best Self?
Book a free, no-pressure consultation to explore what’s right for you.
Whether you’re new to aesthetics, or already know what you want —
we’ll guide you honestly, every step of the way.