AESTUTEOS
Privacy Policy
Last updated: 4 June 2026
AestuteOS is operated by Aestute. This Privacy Policy explains how we collect, use, store and protect information when clinics, practitioners, administrators or authorised users use AestuteOS and connected services, including Facebook, Instagram and Meta messaging integrations.
1. Who we are
Aestute provides software and workflow tools for aesthetic medicine, cosmetic surgery and clinical service businesses.
Contact email: hello@aestute.com
2. Information we collect
Depending on how AestuteOS is used, we may process:
- account information, such as name, email address and user role
- clinic or business information
- messages, enquiries and communication records
- appointment, consultation and workflow information
- technical information, such as device, browser, IP address and usage logs
- information received through connected services such as Facebook, Instagram, WhatsApp or website forms, where the clinic has enabled those integrations
Where AestuteOS is used by a clinic, patient or client information is controlled by that clinic. Aestute acts as a software provider and processor for that clinic.
3. How we use information
We use information to:
- provide and operate AestuteOS
- connect enquiries, messages and clinic workflows
- support booking, consultation, consent, treatment and follow-up workflows
- provide customer support
- improve security, reliability and performance
- maintain audit logs and compliance records
- comply with legal and regulatory obligations
We do not sell personal data.
4. Meta and Facebook data
If a clinic connects Facebook, Instagram or another Meta service, AestuteOS may receive information required to display, manage or respond to messages, enquiries, comments or account-related activity.
This may include profile identifiers, page identifiers, message content, sender details, timestamps and related metadata, depending on the permissions granted by the clinic and approved by Meta.
We use this data only to provide the connected clinic workflow requested by the clinic.
5. Sharing information
We may share information with:
- authorised users within the clinic account
- infrastructure, hosting, email, analytics, security and software providers who help us operate the service
- regulators, authorities or legal advisers where required by law
- connected platforms, where necessary to provide the integration requested by the clinic
We require service providers to protect information appropriately.
6. Data retention
We keep information only for as long as needed to provide the service, meet legal obligations, support audit requirements, resolve disputes and maintain security.
Clinics may request deletion or export of their data, subject to legal, clinical, contractual and regulatory retention requirements.
7. Security
We use reasonable technical and organisational measures to protect information, including access controls, authentication, audit logging and secure hosting practices.
No system can be guaranteed to be completely secure, but we work to protect data against unauthorised access, loss, misuse or disclosure.
8. Your rights
Depending on your location and relationship with the clinic, you may have rights to access, correct, delete, restrict or object to the processing of your personal data.
If you are a patient or client of a clinic using AestuteOS, you should usually contact the clinic directly because the clinic controls your record.
You may also contact us at hello@aestute.com.
9. Data deletion requests
For Facebook or Meta-related data deletion requests, please see: www.aestute.com/facebook-data-deletion
10. Changes to this policy
We may update this Privacy Policy from time to time. The latest version will always be available on this page.
11. Contact
For privacy questions, contact:
hello@aestute.com