Last updated: March 2026 - This policy is subject to periodic review.
1. Introduction
The British College of Cosmetic Surgery (“the College”, “we”, “us”, “our”) is committed to protecting the privacy and personal data of all individuals who interact with our website and services. This Privacy Policy explains how we collect, use, store, and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
By using our website at britishcollegeofcosmeticsurgery.com or submitting any form or enquiry to us, you agree to the terms of this Privacy Policy.
2. Data Controller
The data controller responsible for your personal information is:
British College of Cosmetic Surgery
Company Registration: [To be confirmed]
Email: admin@britishcollegeofcosmeticsurgery.com
3. What Personal Data We Collect
We may collect the following categories of personal data depending on how you interact with us:
Contact and General Enquiry Forms
- Full name
- Email address
- Phone number
- Enquiry details and any information you voluntarily provide
Professional Membership and Fellowship Enquiries
- Full name and professional title
- GMC (General Medical Council) registration number
- Email address and telephone number
- Professional background and intended fellowship or accreditation area
- Enquiry type and related correspondence
Event Registration
- Full name and email address
- Professional title where provided
- Attendance confirmation and related correspondence
Member Accounts (forthcoming)
When member account functionality is introduced, we will collect additional data to support CPD tracking, course access, and fellowship progress. This policy will be updated accordingly and members will be notified prior to any changes.
4. How We Use Your Personal Data
We use the personal data we collect for the following purposes:
- To respond to general enquiries and correspondence
- To process fellowship applications and professional membership enquiries
- To manage event registrations and communicate event-related information
- To administer member accounts and track CPD and fellowship progress (forthcoming)
- To comply with legal and regulatory obligations
- To improve our website and services
- To send relevant professional communications where you have given consent
We will only use your personal data for the purpose for which it was collected, unless we reasonably consider that we need to use it for another reason that is compatible with the original purpose.
5. Legal Basis for Processing
We rely on the following lawful bases under UK GDPR for processing your personal data:
- Legitimate interests – to respond to professional enquiries and manage our operations as a professional body
- Consent – where you have explicitly agreed to receive communications from us
- Contractual necessity – where processing is required to fulfil a membership or fellowship agreement
- Legal obligation – where we are required to process data to comply with applicable law
6. Data Retention
We retain personal data only for as long as is necessary for the purposes for which it was collected. Our standard retention periods are as follows:
- General enquiry and contact form data: 2 years from the date of enquiry
- Event registration data: 1 year following the date of the event
- Fellowship and membership application data: Duration of fellowship or membership plus 7 years, in line with professional record-keeping norms
- Member account data (forthcoming): Duration of active membership plus 5 years
Where data is no longer required, it is securely deleted or anonymised.
7. Data Sharing and Third Parties
We do not sell, rent, or trade your personal data to third parties. We may share your data in the following limited circumstances:
- With trusted service providers who assist in operating our website and services, under strict data processing agreements
- With LinkedIn and associated advertising platforms, where you have engaged with our professional communications (see Advertising below)
- Where required by law, regulation, or legal proceedings
All third parties with whom we share data are required to handle it in accordance with UK GDPR and applicable data protection law.
8. Professional Advertising
The College may use LinkedIn to promote its programmes and events to relevant professional audiences. LinkedIn may process data in accordance with its own privacy policy where you interact with our advertisements. We do not use this data to build personal profiles or for any purpose beyond professional outreach relevant to the cosmetic surgery community.
9. Cookies and Website Analytics
Our website does not currently use tracking or analytics cookies. We may introduce analytics tools in the future to help us understand how our website is used and improve the experience for visitors. Should we do so, this policy will be updated and visitors will be notified via an appropriate cookie consent mechanism.
10. International Data Transfers
The College welcomes enquiries from surgeons and medical professionals internationally. Where personal data is transferred outside the United Kingdom, we ensure that appropriate safeguards are in place in accordance with UK GDPR, including standard contractual clauses or reliance on adequacy decisions where applicable.
11. Your Rights
Under UK GDPR, you have the following rights in relation to your personal data:
- Right of access – to request a copy of the personal data we hold about you
- Right to rectification – to request correction of inaccurate or incomplete data
- Right to erasure – to request deletion of your personal data in certain circumstances
- Right to restrict processing – to request that we limit how we use your data
- Right to data portability – to receive your data in a structured, commonly used format
- Right to object – to object to processing based on legitimate interests or for direct marketing
- Right to withdraw consent – where processing is based on consent, you may withdraw it at any time
To exercise any of these rights, please contact us at admin@britishcollegeofcosmeticsurgery.com. We will respond to all requests within one calendar month.
12. Data Security
We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, loss, destruction, or alteration. Our website is hosted on secure infrastructure and all data transmissions are encrypted via SSL/TLS.
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner’s Office (ICO) within 72 hours and affected individuals without undue delay where required.
13. Complaints
If you have concerns about how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s data protection supervisory authority:
Information Commissioner’s Office
Website: www.ico.org.uk
Helpline: 0303 123 1113
We would, however, welcome the opportunity to address your concerns directly before you approach the ICO. Please contact us at admin@britishcollegeofcosmeticsurgery.com in the first instance.
14. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. The date at the top of this document indicates when it was last revised. We encourage you to review this policy periodically. Where changes are material, we will notify members and registered users directly.
About this page
Understand how the British College of Cosmetic Surgery collects, uses, and protects your personal data in accordance with UK GDPR and the Data Protection Act 2018.
Check other pages
