fbpx

privacy policy

At Aesthetics International (“we”, “us”, “our”) we want you to feel comfortable on our website not have to worry about the security of your data. That is why data protection is an important part of our philosophy.

In this Privacy Policy you will find all the information about which Personal Data we collect and process and for what purpose. You will also find out what rights you have and how you can assert them.

The Data Controller

Responsible for the collection and processing of your Personal Data is 

 

Aesthetics International

2nd floor Dona Apolonia Bldg no. 33,

Kamias Road

Quezon City

Philippines

Phone: +639955661079

E-mail: aestheticsinternationalph@gmail.com

General information on data processing

All Personal Data that we obtain from you via the website will be processed for the purposes described in more detail below. This is done within the framework of the DPA or with your consent. And of course, only when data processing is permitted and if:

  • you have given your consent,
  • the data is necessary for the fulfilment of a contract / pre-contractual measures,
  • the data is necessary for the fulfilment of a legal obligation or
  • the data is necessary to protect the legitimate interests of our company, provided that your interests are not overridden.

We process and store your Personal Data only for the period of time required to achieve the respective processing purpose or for as long as a legal retention period (in particular commercial and tax law) exists. Once the purpose has been achieved or the retention period has expired, the corresponding data is routinely deleted.

What data does Aesthetics International process?

Aesthetics International offers you a wide variety of services and training courses and in the process, various data are collected. Most of the data we process is provided by you when you use our services or contact us.      

Further, we also automatically collect technical device and access data that occur during your interaction with our website. And we collect further data through website analyses in order, for example, to optimize our offers for you personally (e.g., to optimize our offers for you).

Further, we also automatically collect technical device and access data that occur during your interaction with our website. And we collect further data through website analyses in order, for example, to optimize our offers for you personally (e.g., to optimize our offers for you).

a) Log files and Cookies     

Even if you do not request us to provide services or contact us, simply browse our website, data is collected and stored, and processed by us. Specifically, this requires the IP address of your computer, Date and time of access, Name, and URL of the accessed file, Browser used Number of bytes transferred, Status of the page retrieval, Session ID, and Referrer URL.

In addition, we use cookies when you visit www.aestheticsinternational.org. You can find more information in our Cookie Policy. The legal bases for processing are your consent, contract and our legitimate interest. The collection and processing of this data is necessary from a technical point of view so that you can use our website.

c) Online appointment booking via Acuity Scheduling

We use the service of Acuity Scheduling for the simplified booking of appointments. By using this service, data is transferred to Acuity Scheduling.  The processing of the data entered via Acuity Scheduling is thus exclusively based on a legitimate interest of simplified appointment arrangement. The data entered by you remains with us until you request us to delete it or the purpose for storing the data no longer applies.

The provision of payment details is subject to our payment processor PayPal. We do not collect or store payment information or bank details ourselves but receive payment confirmation statements. For further information, please refer to PayPal`s Privacy Policy by clicking on the above link. The legal basis for the data processing is the fulfilment of our contractual obligations and the fulfilment of our legal obligations.

d) Additional information

We will process your Personal Data through our customer service team when you call us or arrange a meeting with us, we may also communicate with you through e-mail, and other means. Our customer service team will register your phone number for purpose of call-back and back-office services in order to provide you with the requested support and information.

In some cases, for purposes of internal training, quality control and verification, the call may be recorded, and the e-mails may be saved to the extent not prohibited under applicable law. You will always be informed in advance of the recording of the communication, and you will have the opportunity to object to such recording, save when this is necessary for verification purposes in relation to your purchase or other reasons, as allowed under applicable laws.

b) Provision of contractual services

We process inventory data and content data for the purpose of fulfilling our contractual obligations and services. This data is passed on to third parties if there is a legal obligation to do so or on the basis of our legitimate interests for example in the economic and effective operation of our business. If we ask you for further data, this is voluntary information. Personal information is processed exclusively to fulfill the requested service and to protect our own legitimate business interests.

The purpose and our interest in the processing lie in the administration, financial accounting, office organization, and archiving of data, i.e., tasks that serve the maintenance of our business activities, performance of our tasks, and provision of our services. The deletion of data with regard to contractual services and contractual communication corresponds to the data mentioned in these processing activities.

All transmitted data is protected by TLS encryption. Transport Layer Security (TLS) is a protocol used to ensure secure data transmission on the Internet. The public-private key procedure is used here. This means that data encrypted with a publicly accessible key can only be decrypted again with a separate private key.

We stand for high security when you provide Personal Data. Aesthetics International uses technical and organizational security measures (TOMs) throughout the company to protect the data we manage from you against accidental or intentional manipulation, loss, destruction, or against access by unauthorized persons. For example, we regularly train all employees on current IT security topics.

Nonetheless, please note that databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of the action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.

Duration of data storage

We store Personal Data on our secure server and only for as long as it is necessary for the purposes for which it is processed or for as long as any consent you have given us has been revoked by you. Insofar as statutory retention obligations must be observed, the storage period for certain data may be up to 6 years, irrespective of the processing purposes.

Marketing

Insofar as you have also given us your separate consent to process your data for marketing and advertising purposes, we are entitled to contact you for these purposes via the communication channels you have given your consent.

You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission to send you marketing information, or sometimes your consent is implied from your interactions or contractual relationship with us. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving marketing communication based on your interactions or contractual relationship with us.

Direct Marketing generally takes the form of e-mail but may also include other less traditional or emerging channels. These forms of contact will be managed by us, or by our contracted service providers. Every directly addressed marketing sent or made by us or on our behalf will include a means by which you may unsubscribe or opt out.

Your data subject rights

Under the DPA, you have the following rights:

  • Right to information;
  • Right to have inaccurate or incomplete Personal Data corrected;
  • Right to erasure;
  • Right to restrict processing;
  • Right to object to the processing;
  • Right to data portability;
  • Right to revoke consent; and
  • Right to complain.

Integration of third-party services and content

We use content or service offers of third-party providers on the basis of our legitimate interests in order to integrate their content and services (hereinafter uniformly referred to as “content”).

This always requires that the third-party providers of this content are aware of the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is therefore necessary for the display of this content.

Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of our website. The pseudonymous information may also be stored in cookies on the user’s device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our website, as well as being linked to such information from other sources.

The following provides an overview of third-party providers and their content, together with links to their privacy policies, which contain further information on the processing of data and so-called opt-out measures, if any:

The legal basis for the data processing is your consent and our legitimate interest.

Authorities and other third parties

In the event of certain legal incidents, we are obliged to pass on our customers’ data to law enforcement authorities or other third parties. This may be the case, for example, for official and court decisions or for legal and criminal prosecution.

How is my data protected?

We want you to feel and be safe on our website. Therefore, we take various measures to meet both the legal requirements and our own very high standards of data protection and data security.

Aesthetics International takes the protection of your Personal Data seriously. All data is handled and processed in accordance with the DPA, which ensures the highest standards of data protection.

Our data processing is subject to the principle that we only process the Personal Data that is necessary for the sensible and economic use of our offer. In doing so, we take great care to ensure that your privacy and the confidentiality of all Personal Data are always guaranteed.

All transmitted data is protected by TLS encryption. Transport Layer Security (TLS) is a protocol used to ensure secure data transmission on the Internet. The public-private key procedure is used here. This means that data encrypted with a publicly accessible key can only be decrypted again with a separate private key.

We stand for high security when you provide Personal Data. Aesthetics International uses technical and organizational security measures (TOMs) throughout the company to protect the data we manage from you against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. For example, we regularly train all employees on current IT security topics.

Nonetheless, please note that databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of the action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.

Duration of data storage

We store Personal Data on our secure server and only for as long as it is necessary for the purposes for which it is processed or for as long as any consent you have given us has been revoked by you. Insofar as statutory retention obligations must be observed, the storage period for certain data may be up to 6 years, irrespective of the processing purposes.

Marketing

Insofar as you have also given us your separate consent to process your data for marketing and advertising purposes, we are entitled to contact you for these purposes via the communication channels you have given your consent to.

You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission to send you marketing information, or sometimes your consent is implied from your interactions or contractual relationship with us. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving a marketing communication based on your interactions or contractual relationship with us.

Direct Marketing generally takes the form of e-mail but may also include other less traditional or emerging channels. These forms of contact will be managed by us, or by our contracted service providers. Every directly addressed marketing sent or made by us or on our behalf will include a means by which you may unsubscribe or opt out.

Your data subject rights

Under the DPA, you have the following rights:

  • Right to information;
  • Right to have inaccurate or incomplete Personal Data corrected;
  • Right to erasure;
  • Right to restrict processing;
  • Right to object to the processing;
  • Right to data portability;
  • Right to revoke consent; and
  • Right to complain.

We encourage you to contact us if you have any information requests, requests for information or objections about data processing or concerns. However, you also have the right to file a complaint with your local supervisory authority. However, we would appreciate it if you would contact us with your concern before turning to a supervisory authority.

Updating your information

If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so by contacting us. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests.

Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of Personal Data, notably where such requests would not allow us to provide our service to you anymore.

Withdraw your consent

You may withdraw your consent and request us to stop using and/or disclosing your Personal Data for any or all of the Purposes by submitting your request to us. Should you withdraw your consent to the collection, use or disclosure of your Personal Data, it may impact our ability to proceed with your transactions, agreements, or interactions with us. Prior to you exercising your choice to withdraw your consent, we will inform you of the consequences of the withdrawal of your consent. Please note that your withdrawal of consent will not prevent us from exercising our legal rights (including any remedies) or undertaking any steps as we may be entitled to at law.

Personal Data and children

Our services are aimed at people aged 18 and over. We will not knowingly collect, use or disclose Personal Data from minors under the age of 18 without first obtaining consent from a legal guardian through direct offline contact.

Changes to our Privacy Policy

Any changes we may make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.

If you have any questions or comments about our Privacy Policy or wish to exercise your rights, please contact us using the contact details provided here.