1. Introduction
Eden Clinic (www.edenclinic.ie) respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information in accordance with the General Data Protection Regulation (GDPR) and Irish data protection laws.2. Data Collected
Data Storage Location
Eden Clinic operates within Ireland and uses EU-based servers for data storage. We work with hosting providers who comply with GDPR standards to ensure your information is securely stored. All patient and website data is processed in accordance with Irish and EU data protection legislation.Registration Data
If you create an account or complete a form on our website, we collect your name, email address, and any other personal details you provide. This data is used solely to deliver services and communications you have requested. You may update or delete your personal information at any time by contacting us directly.Appointment Data
When you request a consultation or treatment, we collect personal and medical details to assess your suitability. This may include your name, contact information, medical history, and relevant photographs. All data is stored securely and only accessible to authorised clinical staff.Contact Form Submissions
Messages sent via the contact form are transmitted to our secure company email. These are used exclusively for patient service purposes and are never used for marketing unless you explicitly opt in. We do not share this information with third parties.Google Analytics
We use Google Analytics to anonymously track website usage patterns and performance. This helps us improve our content and user experience. No personally identifiable information is collected. You may opt out at any time using the Google Analytics Opt-out browser add-on.Cases for Using the Personal Data
We may use your personal information for the following purposes:- To respond to your enquiries or appointment requests
- To confirm and manage bookings
- To provide pre- and post-treatment care and guidance
- To ensure safety and regulatory compliance
- To send service-related updates (appointment reminders, post-op advice)
- To analyse website usage and improve services
3. Embedded Content
Pages on this site may include embedded content such as YouTube videos or Instagram feeds. Embedded content from other websites behaves in the exact same way as if you had visited those websites directly. These platforms may collect data about you, use cookies, and monitor your interaction with the embedded content. This includes tracking your activity if you are logged into your account on those platforms.
We may embed content from Facebook to display our timeline or posts. Facebook has its own privacy and cookie policies which we do not control. No personal data is shared with Facebook unless you interact with the embedded content. See their privacy policy here: Facebook Privacy Policy.
Instagram content may be embedded on our site to showcase our clinic’s latest updates. Interaction with this content is subject to Instagram’s own cookie and privacy settings. See their policy here: Instagram Privacy Policy.
Youtube
We occasionally embed videos from YouTube to provide helpful educational content. YouTube has its own cookie and privacy policies, and no data is shared unless you consent to play the video. See their privacy policy here: YouTube Privacy Policy.
4. Cookies
This site uses cookies, small text files that are placed on your device, to improve your browsing experience and enable certain functionality. Cookies help us remember your preferences, deliver analytics, and ensure the site operates as expected. You can disable cookies through your browser settings, although some parts of the site may not function correctly as a result.
Necessary Cookies (All Visitors)
- wordpress_test_cookie: Used by WordPress to test whether cookies are enabled on your browser.
Cookies for Logged-In Users
- wordpress_logged_in_{hash}: Used to indicate when you’re logged in and identify you to WordPress.
- wp-settings-{user}: Stores your personal admin area settings.
- wp-settings-time-{user}: Records the time at which wp-settings-{user} was set.
Analytics Cookies
- _ga: Used by Google Analytics to distinguish users.
- _gid: Used by Google Analytics to distinguish users over a 24-hour period.
- _gat: Used by Google Analytics to throttle request rate.
If you wish to opt out of Google Analytics tracking, you can use the official browser add-on here: Google Analytics Opt-out.
5. Who Has Access To Your Data
If you are not a registered client on our website, we do not collect or retain any personal data that could identify you individually.
If you are a registered user, your data can be accessed only by:
- Our website administrators, for the purpose of managing the platform and user accounts.
- Customer support representatives, when required to provide technical or administrative assistance regarding your account or submitted enquiries.
6. Third Party Access to Your Data
We do not share your personal data with third parties in a way that would reveal identifiable information such as your name or email address. However, in limited cases, we may need to share information with trusted partners in order to deliver services, ensure functionality of our website, or comply with legal obligations. These third parties are required to uphold strict confidentiality and data protection standards in line with GDPR.
Examples include:
- Website developers and IT providers who maintain or support our systems
- Payment providers for secure processing of transactions
- Email and marketing platforms for communication where consent has been given
- Regulatory bodies or law enforcement if required by legal obligation
All external providers are carefully selected and bound by strict data processing agreements. They are not permitted to use your data for their own purposes, and access is provided only when necessary for specific tasks on behalf of Eden Clinic.
7. How Long We Retain Your Data
We only retain personal data for as long as necessary to fulfil the purposes it was collected for, including for the purposes of satisfying any legal, accounting or reporting requirements.
If you contact us via a web form, email or telephone, we may retain your information for a period of up to 12 months from the last interaction, unless you request its removal sooner.
If you book a treatment or undergo a consultation, we are legally required to keep your medical records and treatment history for a minimum period of time as required by Irish healthcare regulations. This may be up to 8 years after your last appointment, or longer if required by law or for the establishment, exercise or defence of legal claims.
We review our data retention policies regularly to ensure we are not holding information unnecessarily. When your data is no longer needed, it will be securely deleted or anonymised.
8. Security Measures
We take your privacy and data protection seriously and implement appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
All data transmitted between your browser and our website is encrypted using Secure Socket Layer (SSL) technology. This ensures that any information submitted via forms is protected during transmission.
Access to personal data is strictly limited to authorised personnel only, who are trained in data protection and subject to confidentiality obligations.
In the event of any suspected personal data breach, we have procedures in place to assess the risk and will notify you and the Data Protection Commission (DPC) in Ireland where legally required to do so.
9. Your Data Rights
General Rights
If you have a registered account on this website or have submitted a contact form, you are entitled to request access to the personal data we hold about you. You may also request correction of any inaccurate information, or deletion of your data where there is no legal basis for us to retain it.
To exercise your rights, please contact us using the details provided in Section 13. We may need to verify your identity before fulfilling your request.
GDPR Rights
As a company operating in Ireland, we comply with the General Data Protection Regulation (GDPR). Under GDPR, you have the right to:
- Request access to your personal data
- Request correction or deletion of your data
- Object to or restrict processing of your data
- Request data portability where applicable
- Lodge a complaint with the Data Protection Commission if you believe your data rights have been violated
For more details on your data protection rights in Ireland, please visit the Data Protection Commission website.
10. Third Party Websites
This website may contain links to external third-party websites that are not operated or controlled by Eden Clinic. Once you click on these links, you will be subject to the privacy and cookie policies of the respective third-party sites.
Eden Clinic is not responsible for the protection and privacy of any information you provide while visiting such sites, and these sites are not governed by this Privacy Policy. We encourage users to exercise caution and review the privacy statements of each external website they visit.
All social media sharing links on this website, whether displayed as text links or icons, do not connect you to the respective platforms unless you explicitly click on them.
11. Release of Your Data for Legal Purposes
In certain circumstances, Eden Clinic may be required to disclose your personal information to comply with legal obligations or to respond to lawful requests from public authorities, including for national security or law enforcement requirements.
We may also disclose your data if we believe such action is necessary to:
- Protect and defend our rights or property
- Prevent or investigate possible wrongdoing in connection with the website
- Protect the personal safety of users or the public
- Comply with a legal obligation or legal process served on our business
Any disclosure of personal data will be strictly carried out in accordance with Irish law and the General Data Protection Regulation (GDPR).