La Cure

Privacy Policy

Last reviewed 27 May 2026.

This policy explains how Veritas Medical Ltd (“we”, “us”), the Data Controller, handles your personal data in line with the UK GDPR and the Data Protection Act 2018.

Data Controller

Veritas Medical Ltd, [CLINIC ADDRESS], [CLINIC LOCATION]. ICO registration number: [ICO NUMBER]. Contact: hello@lacurelongevity.com.

Data we collect

  • Identity and contact details (name, email, phone, date of birth).
  • Special-category health data necessary to assess and deliver treatment safely.
  • Booking, payment and correspondence records.
  • Website analytics data (only with your consent).

Lawful bases

  • Consent — for marketing and non-essential cookies.
  • Contract — to provide the services you book.
  • Legal obligation — clinical record-keeping and safety reporting.
  • For health data: Article 9(2)(h) — provision of health care by a professional bound by confidentiality.

Retention

Medical records are retained for 10 years after your last treatment, in line with NMC guidance. Other records are kept only as long as necessary.

Third-party processors

  • Supabase (hosting & database)
  • Plausible or Google Analytics (analytics, consent-gated)
  • Pabau / AestheticNurseSoftware (clinic management)
  • Stripe (payments)
  • Accredited laboratory partners (diagnostics)
  • Resend (transactional email)

Your rights

You have the right to access, rectify, erase, restrict, object to processing and to data portability. To exercise these rights, email us. You may complain to the ICO (ico.org.uk).