Privacy Policy

Introduction

HyperBastion Ltd ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

Data Controller Information

HyperBastion Ltd is the data controller for the personal information we process. Our registered office is located at Capel Street 135, Galway, H14 9163, Ireland. Registration Number: 840268, VAT Number: IE8Y12947A.

Data Collection

We collect personal data that you provide to us directly and automatically when you use our website and services. The data we collect includes:

• Contact information (name, email address, phone number, address)
• Appointment and consultation details
• Medical history and treatment information (with your consent)
• Website usage data and analytics information
• Communication preferences and marketing consent
• Payment and billing information

How We Use Your Information

We use your personal data for various purposes, including how we use your information for the following legitimate business purposes:

• Providing aesthetic and cosmetic treatment services
• Scheduling and managing appointments
• Processing payments and maintaining billing records
• Communicating with you about your treatments and our services
• Improving our website and services through analytics
• Sending marketing communications (with your consent)
• Complying with legal obligations and regulatory requirements

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please see our Cookie Policy.

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Consent: When you provide explicit consent for specific purposes
• Contract: To perform our services and fulfil our contractual obligations
• Legitimate interests: For business operations, security, and service improvement
• Legal obligation: To comply with applicable laws and regulations

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information with:

• Healthcare professionals involved in your treatment
• Service providers who assist in our business operations
• Legal authorities when required by law
• Professional advisors (lawyers, accountants, auditors)

Data Retention

We retain your personal information for as long as necessary to fulfil the purposes outlined in this policy. Medical records and treatment information are retained in accordance with healthcare regulations and professional guidelines. Marketing data is retained until you withdraw consent or request deletion.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of access: Request copies of your personal data
• Right to rectification: Correct inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data
• Right to restrict processing: Limit how we use your data
• Right to data portability: Receive your data in a portable format
• Right to object: Object to certain types of processing
• Rights related to automated decision-making and profiling

Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, secure storage systems, access controls, and staff training on data protection.

International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When such transfers occur, we ensure appropriate safeguards are in place to protect your data in accordance with GDPR requirements.

Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding your personal data, please reach out using the following contact information:

• Email: privacy@hyperbastion.top
• Phone: +353 91 890 2324
• Address: HyperBastion Ltd, Capel Street 135, Galway, H14 9163, Ireland

Supervisory Authority

If you have concerns about how we handle your personal data, you have the right to lodge a complaint with the Irish Data Protection Commission (DPC) or your local supervisory authority.