Login

Privacy Policy

1. Data Controller

Osaühing Axis Pärnu (hereinafter "iluexpert" or "we") is the controller of your personal data.

Address: Ümera tn 2a, 80026 Pärnu linn, Pärnu maakond, Estonia

Email: info@iluexpert.com

This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and what rights you have in relation to your data. We process personal data in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Estonian legislation.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

• Contact information: name, email address, phone number.

• Account data: email address and encrypted password created when registering for a client account on our website.

• Appointment data: preferred date and time, treatment selected, booking history.

• Health-related information: relevant medical conditions, contraindications, and skin or body concerns voluntarily disclosed by you for the safe provision of aesthetic treatments.

• Communication data: messages sent to us via contact forms, email, or WhatsApp.

• Technical data: IP address, browser type, pages visited, and session duration collected via website analytics.

3. Purposes and Legal Basis

We process your personal data for the following purposes:

• Booking management and appointment confirmation — legal basis: performance of a contract (Art. 6(1)(b) GDPR).

• Providing aesthetic and beauty treatments safely — legal basis: performance of a contract and, where health data is involved, your explicit consent (Art. 9(2)(a) GDPR).

• Sending appointment reminders and follow-up communications — legal basis: legitimate interest (Art. 6(1)(f) GDPR).

• Responding to enquiries — legal basis: legitimate interest.

• Compliance with legal obligations — legal basis: legal obligation (Art. 6(1)(c) GDPR).

• Website analytics and improvement — legal basis: your consent via cookie preferences.

4. Retention

We retain personal data only for as long as necessary for the purpose it was collected, or as required by law.

• Appointment and client records: up to 3 years from your last visit.

• Health-related data: up to 3 years from your last treatment, unless a longer period is required by applicable healthcare regulations.

• Communication records: up to 2 years.

• Analytics data: as per the retention settings of the analytics provider, typically 14 months.

After the retention period expires, your data is securely deleted or anonymised.

5. Sharing Your Data

We do not sell your personal data. We may share it with trusted third parties only where necessary:

• Booking and scheduling software providers who process data on our behalf as data processors.

• Email and communication platforms used to send appointment confirmations and reminders.

• Analytics providers (e.g. Google Analytics) — only with your consent.

• Advertising platforms (e.g. Meta) — only with your consent, where you have enabled ads and marketing cookies.

• Competent authorities where required by law.

All processors are bound by data processing agreements and may not use your data for their own purposes.

6. Your Rights

Under GDPR you have the following rights regarding your personal data:

• Right of access — you may request a copy of the personal data we hold about you.

• Right to rectification — you may ask us to correct inaccurate or incomplete data.

• Right to erasure — you may request deletion of your data where there is no lawful basis for continued processing.

• Right to restriction — you may ask us to restrict processing in certain circumstances.

• Right to data portability — you may request your data in a structured, machine-readable format.

• Right to object — you may object to processing based on legitimate interest.

• Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at info@iluexpert.com. We will respond within 30 days. You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon, www.aki.ee).

7. Cookies

Our website uses cookies and similar tracking technologies to improve your experience and analyse site usage.

• Strictly necessary cookies: required for the website to function and cannot be disabled.

• Functional cookies: enable enhanced features such as remembering your language preference and settings. Set only with your consent.

• Analytics cookies: help us understand how visitors interact with the site (e.g. Google Analytics). Set only with your consent.

• Ads and marketing cookies: used to measure the effectiveness of advertising campaigns and to show relevant content on external platforms (e.g. Meta Pixel). Set only with your consent.

You can manage your cookie preferences at any time via your browser settings or our cookie consent banner.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, alteration, or disclosure. Access to personal data is restricted to staff who need it for their work.

9. Changes to This Policy

We may update this Privacy Policy from time to time. The current version will always be published on this page with the effective date. We encourage you to review this page periodically.

Last updated: March 2026

10. Contact

For any questions about this Privacy Policy or your personal data, please contact us:

Osaühing Axis Pärnu

Ümera tn 2a, 80026 Pärnu linn, Pärnu maakond, Estonia

Email: info@iluexpert.com