Privacy Policy

Supplying Aesthetics UK (“we”, “us”, “our”) operates the website supplyingaestheticsuk.co.uk. We are committed to protecting your privacy and handling your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Contact: [email protected] | 0203 370 0949

We may collect the following personal data:

• Name, email address, phone number, delivery address
• Payment information (processed securely via Stripe)
• Order history and product preferences
• Communications you send to us (emails, contact forms)
• Website usage data (cookies, analytics)

We use your personal data to:

• Process and fulfil your orders
• Send order confirmations, dispatch notifications, and tracking info
• Respond to your enquiries and provide customer support
• Send marketing communications (only with your consent)
• Improve our website and services
• Comply with legal and regulatory obligations

We process your data under the following legal bases:

• Contract: To fulfil orders and provide services you've requested
• Consent: For marketing communications and non-essential cookies
• Legitimate interest: To improve our services and prevent fraud
• Legal obligation: To comply with tax and consumer protection laws

We use essential cookies to operate our website (e.g., shopping cart, session management). We may also use analytics cookies (e.g., Google Analytics) to understand how visitors use our site. You can manage cookie preferences in your browser settings.

We do not sell your personal data. We may share data with:

• Payment processors (Stripe) for transaction processing
• Delivery partners (Royal Mail, DPD) for order fulfilment
• Analytics providers (Google) for website improvement

All third parties are required to handle your data securely and in accordance with applicable data protection laws.

We retain your personal data for as long as necessary to fulfil the purposes it was collected for, including legal, accounting, and reporting requirements. Order records are retained for 6 years as required by HMRC.

Under UK GDPR, you have the right to:

• Access the personal data we hold about you
• Rectify inaccurate data
• Request erasure of your data (“right to be forgotten”)
• Object to or restrict processing of your data
• Data portability
• Withdraw consent at any time

To exercise any of these rights, email us at [email protected]. We'll respond within 30 days.

We implement appropriate technical and organisational measures to protect your personal data, including 256-bit SSL encryption for all data transmission and secure, encrypted storage of sensitive information.

We may update this privacy policy from time to time. Changes will be posted on this page with an updated “Last updated” date. We encourage you to review this policy periodically.