Privacy Policy

At The Florence Clinic, we respect your privacy and are committed to protecting your personal data. This privacy policy outlines how we collect, use, and safeguard the information you provide when using our weight management services, website, or other related services.

We endeavour to implement and maintain the highest standards regarding data protection and adopt policies in line with the highest level of compliance. As such, we align with the Data Protection Act (“DPA 2018”), the UK General Data Protection Regulation (“UK GDPR”), and the Privacy in Electronic Communications Regulations (“PECR 2003”) to handle your personal data in certain ways.

When we use the term “personal data,” we mean any information that can be used to identify you as an individual, directly or indirectly.

1. Information We Collect

We collect personal data to provide you with high-quality healthcare and personalized service. The types of information we may collect include:

Personal Identification Information: Name, address, email, phone number, date of birth, gender
Health Information: Medical history, current medications, treatment plans, weight management progress, and other health-related data
Payment Information: Credit/debit card details, billing address, transaction history (for processing payments)
Technical Data: IP address, browser type, device information, and usage patterns when accessing our website

2. How We Use Your Information

We use your personal data to:

Provide weight management services, including consultations, prescriptions, and ongoing support
Customize your treatment plan and monitor your progress
Communicate with you about appointments, services, and products
Process payments and manage your account
Improve our services through feedback and data analysis
Comply with legal obligations (such as record-keeping for healthcare services)

3. How We Protect Your Information

We are committed to ensuring your data is secure. We implement appropriate technical and organizational measures to protect your information from unauthorized access, alteration, disclosure, or destruction. This includes:

Data encryption
Secure payment processing
Regular data security assessments

4. Sharing Your Information

We will never sell or rent your personal information. However, we may share your data in certain circumstances as described below.

Our business relies on collaboration with third parties (e.g., outside companies) to provide our services to you. Each third party provides an element of our services, for example, IT and cloud services, prescription, delivery, diagnostics, or marketing services.

For all third parties we use, we undertake data protection and information security due diligence prior to sharing any personal information. We also have in place contracts with specific data processing and sharing clauses to ensure that third parties process shared data strictly for the purposes we have instructed them to, or in lawful ways that we expect, such as privacy by design and default.

When it is necessary for us to transfer personal information to third parties, this is only done in accordance with the UK GDPR.

Third parties we may share your personal information with include, for example:

Healthcare Providers: For the provision of healthcare services, including prescriptions.
Verification Companies: Address and identification verification services.
Delivery and Courier Services: For delivering medications or other products.
Marketing and Analytics Providers: To help us with advertising and service improvements.
Technology Providers: Companies providing IT, cloud, or infrastructure support.
Communications Providers: Companies assisting with our customer communications.
Professional Advisors: Including auditors, accountants, and lawyers.
Potential Buyers: Any entity who may acquire us or part of our business or brands.
Regulatory Authorities and Law Enforcement: Local or foreign regulators, courts, governments, and law enforcement authorities, including emergency services, when required by law.

5. Retention of Your Information

We will retain your personal data only as long as necessary for the purposes outlined in this policy, including fulfilling legal obligations. After this period, your data will be securely deleted or anonymized.

Please note that if we are processing your health data (including photographs) for healthcare purposes, you may not always have the right to request its deletion. Maintaining the accuracy and integrity of health information is critical for Clinical Governance, ensuring we can provide a safe and effective prescribing service with auditable records of your care.

6. Your Rights

You have the right to:

Access: Request a copy of the personal data we hold about you
Correction: Ask us to correct any inaccurate or incomplete information
Deletion: Request the deletion of your personal data where it is no longer necessary for us to retain it
Restrict Processing: Request that we limit the use of your personal data
Data Portability: Request the transfer of your data to another service provider
Withdraw Consent: If you have provided consent to us processing your personal data, you can withdraw this at any time. To exercise any of these rights, please contact us at [email protected].

7. Cookies and Website Tracking

Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyse website traffic. You can manage your cookie preferences through your browser settings. For more details, please see our Cookie Policy.

8. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or for legal reasons. Any updates will be posted on our website, and we encourage you to review it periodically.

9. Contact Us

If you have any questions or concerns regarding this privacy policy or the way we handle your data, please contact us at:

Email: [email protected]
Post: Office 2 and 3, 2nd floor, 761 Wilmslow Road, Manchester, M20 6RN