top of page

Privacy Policy

Last updated: 11 November 2025
Company: NUERRA LTD
Company number: 16561720
Registered office: Boundary House, Main Street, Hoveringham, Nottingham, England, NG14 7JR
Website: www.nuerra.co.uk

1. Introduction

NUERRA LTD (“we”, “us”, or “our”) respects your privacy and is committed to protecting your personal information.
This Privacy Policy explains how we collect, use, and protect your personal and medical data when you use our services, visit our website, or communicate with us.

We process personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

We may collect and process the following categories of information:

2.1 Personal and Contact Details

  • Full name

  • Date of birth

  • Address and postcode

  • Email address and telephone number

  • Emergency contact information

2.2 Health and Medical Information

  • Medical history and current health conditions relevant to skincare or aesthetic treatments

  • Information about allergies, medications, or contraindications

  • Details and photographs of skin conditions (for consultation and treatment purposes)

  • Treatment records, consent forms, and aftercare notes

2.3 Technical and Usage Data

  • IP address, browser type, operating system, and device information

  • Website usage data (pages visited, session duration, referring site)

  • Cookies and similar technologies (see Section 9 below)

 
3. How We Use Your Information

We collect and process personal and medical data to:

  • Provide safe and effective skincare, cosmetic, or aesthetic treatments

  • Assess suitability for specific treatments and manage your care plan

  • Maintain accurate medical and treatment records

  • Communicate with you about appointments, aftercare, and relevant updates

  • Process payments and maintain business accounts

  • Improve our services and comply with clinical governance standards

  • Meet legal, regulatory, or insurance obligations

4. Lawful Basis for Processing

We process your data under the following lawful bases:

  • Consent – when you provide explicit consent for us to collect and use your information (e.g., via consultation or consent forms).

  • Contract – where processing is necessary to deliver the treatments or services you have requested.

  • Legal Obligation – to comply with healthcare, insurance, or data protection laws.

  • Legitimate Interests – to operate and improve our business securely and efficiently.

Processing of Special Category (Medical) Data

We process your health and medical information under Article 9(2)(h) of the UK GDPR, which permits the processing of health data for the purposes of the provision of health or social care and treatment management, subject to professional confidentiality and appropriate safeguards.

5. Data Retention

We retain personal and medical records for the period required by professional standards and insurance obligations — generally 7 years after your last treatment or interaction, unless a longer period is required by law.
After that, records will be securely deleted or anonymised.

6. Data Sharing and Disclosure

We will not sell or rent your data.
We may share personal data only with:

  • Registered healthcare or aesthetic professionals within our clinic (where necessary for your treatment)

  • IT and hosting providers that maintain our website and electronic systems

  • Professional advisers (e.g. legal, regulatory, or insurance representatives)

  • Regulatory or enforcement authorities if required by law

All third parties are required to handle your data securely and in accordance with our instructions and the UK GDPR.

7. Data Security

We implement strict technical and organisational measures to safeguard your personal and medical data, including:

  • Secure, password-protected systems and encrypted storage

  • Limited access by authorised staff only

  • Regular staff training on data protection and confidentiality

Despite these measures, no system is completely secure. We cannot guarantee the security of data transmitted electronically, but we take all reasonable steps to protect it.

8. Your Rights

Under the UK GDPR, you have the following rights:

  • Access – request a copy of the personal data we hold about you

  • Rectification – request correction of inaccurate or incomplete information

  • Erasure – request deletion of your personal data (subject to legal retention obligations)

  • Restriction – request limitation of how your data is used

  • Portability – request a copy of your data in a transferable format

  • Objection – object to certain types of processing

  • Withdraw Consent – withdraw consent at any time, without affecting the lawfulness of prior processing

To exercise any of these rights, please contact us at info@nuerra.co.uk.

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
www.ico.org.uk

9. Cookies and Tracking

Our website uses cookies to improve your browsing experience, analyse website traffic, and enable certain features.
You can manage or disable cookies through your browser settings.
Please refer to our Cookie Policy for more details.

10. International Data Transfers

If we use service providers located outside the UK (e.g. for website hosting or email systems), we ensure that appropriate safeguards — such as UK adequacy regulations or standard contractual clauses — are in place to protect your data.

11. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements.
The updated version will always be available on our website with the latest revision date.

 
12. Contact Us

If you have questions or concerns about how we process your personal or medical data, please contact:

NUERRA LTD
Boundary House, Main Street, Hoveringham,
Nottingham, England, NG14 7JR
📧 info@nuerra.co.uk
🌐 www.nuerra.co.uk

bottom of page