Privacy Policy

Last updated: March 2026

This Privacy Policy explains how Tom Fisher, trading as Fisher Clinics ("we", "us", "our") collects, uses, and protects your personal data when you use the Aesthetics Logbook application ("the App") and related services.

By using the App, you agree to the collection and use of information as described in this policy.

1. Who We Are

The App is operated by Tom Fisher, trading as Fisher Clinics, based in England. If you have any questions about this policy, please contact us at aestheticslogbook@gmail.com.

2. What Data We Collect

We collect the following categories of data:

• Account data: your email address and, if you sign in with Google, your Google account name and profile picture.
• Logbook data: clinical case entries you create, including procedure type, date, body area, notes, and review status. This data is entered by you and stored on your account.
• Settings and preferences: clinic name, logo, reminder settings, theme preferences.
• Usage data: entry counts, subscription status, and app activity used to provide the service.
• Device data: device push notification tokens, used solely to deliver review reminders you have requested.

3. How We Use Your Data

We use your data to:

• Provide and maintain the App and its features.
• Sync your logbook data securely across your devices.
• Send review reminders you have configured.
• Manage your subscription and process payments.
• Respond to support enquiries.
• Improve the App based on aggregated, anonymised usage patterns.

We do not use your clinical case data for marketing, profiling, or any purpose other than providing the service to you. CPD Library modules are made available to all users equally and are not personalised based on your logbook entries.

4. Legal Basis for Processing (UK GDPR)

We process your personal data on the following legal bases:

• Contract performance: to provide the App services you have signed up for.
• Legitimate interests: to improve the App and ensure its security.
• Consent: for push notifications, which you can withdraw at any time through your device settings.

5. Data Storage and Security

Your data is stored securely using Google Firebase (Firestore and Firebase Storage), which is hosted on Google Cloud infrastructure. Google Firebase is compliant with industry-standard security certifications including ISO 27001 and SOC 2.

Data is encrypted in transit and at rest. Access to your data is controlled by Firebase Security Rules and is limited to your authenticated account.

While we take reasonable steps to protect your data, no system is completely secure. You are responsible for keeping your login credentials confidential.

6. Third-Party Services

We use the following third-party services to operate the App:

• Google Firebase — authentication, database, file storage, and push notifications.
• Stripe — payment processing for web subscriptions. Stripe handles all payment data; we do not store your card details.
• RevenueCat — subscription management for iOS and Android in-app purchases.

Sponsors of CPD Library content do not receive access to your personal data or logbook entries.

Each of these providers has its own privacy policy and data processing terms. We recommend reviewing them if you have concerns about how they handle your data.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, your personal data and logbook entries are permanently deleted from our systems within 30 days, except where we are required to retain certain records by law.

8. Your Rights (UK GDPR)

You have the following rights regarding your personal data:

• Right of access: you can request a copy of the data we hold about you.
• Right to rectification: you can correct inaccurate data directly within the App.
• Right to erasure: you can delete your account and all associated data from within the App at any time.
• Right to data portability: you can export your logbook data as a CSV file from within the App.
• Right to object: you can object to certain types of processing by contacting us.

To exercise any of these rights, please contact us at aestheticslogbook@gmail.com.

9. Cookies and Tracking

The web version of the App uses essential cookies only, which are necessary for authentication and session management. We do not use advertising cookies or third-party tracking cookies.

10. Children's Privacy

The App is intended for use by healthcare professionals and is not directed at children under the age of 18. We do not knowingly collect personal data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the date at the top of this page. Your continued use of the App after changes are posted constitutes your acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us at:

aestheticslogbook@gmail.com