Skip to main content

Customer Personal Data Protection Policy


Dr. Shah Hair Clinic is committed to protect all customers’ personal data and privacy. The purpose of this Customer Personal Data Protection Policy is to set out some clear guidelines on certain do’s and don’t regarding customers’ personal data.

What is “Customer Personal Data”

Customer Personal Data refers to any information that can be used to identify an individual or that is associated with an identifiable individual.  This data can be collected and processed by businesses during various interactions with customers.

Examples of customer personal data include :

  • Basic identification information: This includes details such as the customer’s name, address, date of birth, and contact information (phone number or email address).
  • Demographic information: This includes the customer’s gender, ethnicity, marital status, occupation, or income level.  It helps businesses understand their customer base better and tailor their products or services accordingly.
  • Financial information: This includes bank account details, credit card information, or payment history.  It is often required for processing payments an conducting financial transactions. 


Authorised Disclosure:  Sellers are prohibited from disclosing customer personal data to third parties without proper consent or legal justification.  They must ensure that customer data is kept confidential and only shared with authorised individuals or entities.

Unlawful Use:  Sellers cannot use customer personal data for unlawful purposes, such as identity theft, fraud, or any activity that violates applicable laws or regulations.

Unconsented Marketing:  Sellers generally cannot use customer personal data for direct marketing or promotional activities without obtaining appropriate consent.

Excessive Data Collection:  Sellers should only collect customer personal data that is necessary for legitimate business purposes.  Collecting excessive or irrelevant information is generally not allowed.

Data Retention: Sellers must not retain customer personal data for longer than necessary or in violation of applicable data retention periods specified by laws or regulations.

If you suspect your computer has been hacked, or that there has been a potential data breach (e.g. you accidentally send emails or messages containing the personal data of others), you must inform us immediately at [email protected] to ensure necessary measure and action is taken.


At Dr. Shah Hair Clinic, we are committed to upholding the highest standard and prioritise the protection and privacy of our customers’ personal data.  We have established this customer personal data protection policy to outline our commitment to safeguarding the confidentiality, integrity, and availability of our customer information.

To ensure compliance with this policy, it is imperative that all employees understand their responsibilities, receive appropriate training, and adhere to the established procedures for handling customer personal data.  Compliance is a shared responsibility, and any concerns or potential violations should be reported immediately to the designated management.

Any employee found to be in violation of this policy may face disciplinary action, depending on the severity and frequency of the violation. By complying with this policy, we safeguard our customers’ trust maintain, regulatory compliance, and protect the reputation and success of our organisation.