3a Montpelier Street, Knightsbridge, London, SW7 1EX 020 7584 4777
[email protected]
BOOK NOW

Search the site

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Book now

Privacy Policy

At Omniya Clinic, we respect your privacy and are committed to protecting your personal information. We collect and use personal data only where necessary to provide safe, effective, and appropriate medical and aesthetic care. All information is handled with care, discretion, and confidentiality, and accessed only by authorised personnel who require it to perform their duties.

Our policies and procedures are designed to uphold patient dignity, protect confidentiality, and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Purpose and Principles

Omniya Clinic collects personal information solely to support the delivery of healthcare and related services. We aim to be transparent about how data is used, ensure it is kept secure, and respect your rights at all times.

We are guided by the following principles:

  • Collect only what is necessary
  • Use information fairly and lawfully
  • Keep data accurate and up to date
  • Protect data against unauthorised access
  • Retain data only for as long as required

 

What Information We Collect

We may collect and retain the following categories of personal information:

Personal identification information

  • Name, title, date of birth
  • Address, telephone number, email address
  • Emergency contact details

 

Medical and health information

  • Medical history and relevant health information
  • General Practitioner details
  • Allergies, medications, and contraindications

 

Treatment records

  • Details of consultations, proposed and completed treatments
  • Consent forms and clinical notes
  • Treatment costs, invoices, and payment records

 

Communication records

  • Correspondence with you
  • Relevant communications with other healthcare professionals where necessary for your care

 

Legal Basis for Processing Personal Data

We process personal data under the following lawful bases:

  • Consent – where you have given explicit consent for specific uses of your data
  • Care provision – where processing is necessary to provide medical or aesthetic treatment
  • Special category data processing – where health data is required for diagnosis, treatment, clinical management, and regulatory compliance
  • Legal obligation – where required to meet legal, professional, or regulatory duties

 

Health data is processed in accordance with Article 9(2)(h) UK GDPR.

How We Use Your Information

Your information may be used for the following purposes:

  • To deliver personalised care
    Ensuring treatments are safe, appropriate, and tailored to you
  • To maintain accurate clinical records
    Supporting continuity of care and clinical decision-making
  • To meet legal and regulatory obligations
    Including record-keeping, insurance, and professional standards
  • To communicate with you
    Appointment reminders, follow-up care, and essential clinic communications

You may opt out of marketing communications at any time.

How We Protect Your Information

We take appropriate technical and organisational measures to safeguard your data, including:

  • Physical security
    Secure premises and restricted access to paper records
  • Digital security
    Encrypted systems, password protection, secure cloud-based clinical software, and monitored access
  • Access controls
    Personal data is accessed only by authorised staff on a need-to-know basis

 

Information is securely destroyed when no longer required.

Sharing Your Information

We may share relevant personal information only where necessary and appropriate, including:

  • Healthcare professionals
    Such as doctors or other providers involved in your care, to ensure continuity and safety
  • Limited third parties
    Where required by law, regulation, or professional obligation

 

In all other circumstances, information is shared only with your consent. All data sharing is carried out securely and in line with confidentiality and data protection principles.

Patient Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate or incomplete information
  • Request erasure of data, where legally permissible
  • Restrict processing in certain circumstances
  • Request data portability to another provider
  • Raise concerns or complaints about how your data is handled

 

These rights are generally free of charge. We may ask you to verify your identity before responding.

Retention of Information

We retain personal and medical records while you are an active patient and for a minimum period in line with legal, regulatory, and professional guidance. Retention periods may vary depending on the nature of the data and applicable requirements.

Records are securely archived and disposed of when no longer required.

Security of Electronic Communications

We take reasonable steps to ensure the confidentiality of electronic communications. Data is encrypted, protected against malware, and regularly backed up. Please note that email transmission over the internet is not completely secure, and we advise discretion when sharing sensitive information electronically.

We do not share patient information via public forums or social media.

Confidentiality and Dignity

At Omniya Clinic, patient dignity and privacy are central to our care. Our approach is guided by the following principles:

  • Respectful behaviour – Staff are trained to communicate with professionalism and sensitivity
  • Individual identity – We respect personal values, beliefs, and preferences
  • Personal boundaries – We honour physical and emotional boundaries at all times
  • Clear communication – Information is provided clearly and without unnecessary jargon
  • Privacy and confidentiality – Information is shared only when appropriate and lawful
  • Comfort and modesty – We provide private environments wherever required

 

Contact Us

If you have questions about this privacy policy or wish to exercise your data protection rights, please contact:

Email: [email protected]

If you remain dissatisfied, you have the right to contact the UK Information Commissioner’s Office (ICO):
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Helpline: 0303 123 1113
Website: https://www.ico.org.uk

This privacy policy reflects Omniya Clinic’s ongoing commitment to protecting your privacy, maintaining confidentiality, and delivering care with respect and integrity. We review and update this policy regularly to reflect changes in law and best practice.

Last updated: January 2026

© 2026 Omniya Clinic. All rights reserved. Registered Company No: 08874644
Omniya Clinic
Book Now
Call Us