Effective as of 25th May 2018. This notice will be reviewed annually or as required.
We take your privacy very seriously and we are committed to maintain the accuracy, confidentiality and security of your personal information. Data protection laws gives you the right to be informed about how your personal information is processed. This Policy contains the following information:
– What information do we collect about you?
– How will we use your information?
– How long do we retain your information?
– Where is your information stored?
– Access to your information and correction
– Other websites
– How to contact us
What information do we collect about you?
We collect information about you when you book an appointment for a service or treatment, visit the salon for a service or treatment, buy a product and whenever you contact us online, on paper, by email or over the phone.
The personal information we collect is any information about an identifiable individual. We collect and hold personal information of individuals who are, were or seek to be our clients, including information about:
– What you tell us about yourself;
– Your name, address, email address, contact numbers and date of birth;
– Medical records and health information;
– Personal preferences;
– Our records of invoicing and payment.
For clients under the age of 16, we may only collect and maintain personal information by means of consent from a parent, carer or guardian.
We also operate CCTV in our premises for the safety and security of our clients, visitors and staff, and to protect against theft, vandalism and damage to goods and property on the premises. Recorded images are regularly destroyed and not shared with third parties unless there is suspicion of crime, in which case they may be turned over to the police or other appropriate government agency or authority. This section is not meant to suggest that clients will be monitored. It is to bring your attention that such monitoring may occur for the reasons explained above.
How will we use your information?
We may use your personal information for purposes described in this Policy to allow us to manage your service effectively, or for any additional purposes that we have advised you of and, where your consent is required by law, where we have collected your consent in respect of the use or disclosure of your personal information.
We may also use your personal information without your knowledge or consent where permitted or required by law or regularity requirements.
We share your information with:
– Suppliers: Microsoft (cloud storage), Gandi (email system), BUSI ME PRINT (website provider), and MailChimp (email communication tool).
Booking System – We use a paper, at the salon to process your appointment. We may also send you an appointment confirmation and reminder via email and/or SMS. We consider your having made an appointment as consent to undertake this booking process. Should you wish to opt-out, you may do so at any time by contacting us. All paper made bookings are shredded as per our legal retention requirements.
We may share your data with our employees, including self-employed staff, and other parties who require such information to assist us with managing the service we provide you.
We will not share your information with any other third party without your informed consent expect under the obligation of law.
MailChimp – We may send you email newsletters about offers, products and services which may be of interest to you if you opt-in to receive such correspondence. We may also send you details of new services but only if it is within our legitimate interest to do so.
Email newsletters may also contain subscriber tracking facilities, for example whether emails have been opened or links have been clicked on. We use this activity and information to refine our future email newsletters and communications with relevant content.
We will always let you know that you can opt-out from receiving marketing material and you can let us know at any time if you no longer wish to receive direct marketing offers from us. You can do so by writing or emailing to us at email@example.com.
How long do we retain your information?
Except as otherwise permitted or required by law, we will retain your personal information only for as long as we believe is necessary to fulfil the purposes for which the information was collected.
Procedures for retaining personal information:
– Bookings made on paper are shredded and destroyed securely after 7 days;
– Communication for marketing purposes will require consent on a yearly basis;
– Should a service discontinue after 2 years, your data will be deleted;
– All emails are deleted after 2 years, unless required to be retained by law;
– Financial transactions are to be retained for 6 years;
– Online user and event data through Google Analytics for 26 months;
– CCTV images and recordings are automatically deleted after 30 days.
Where is your information stored?
We have rigorous data protection and security policies in place with all our suppliers. We endeavour to protect your personal data from loss and unauthorised access, copying, use, modification or disclosure.
Your personal information is stored on our secure services provided by Microsoft and MailChimp.
CCTV images and recordings are stored securely on site.
Access to your information and correction
You may ask to see your personal information that we hold of you. If you wish to review, verify or correct your personal information, such request should be communicated in writing. Please note, we may request specific information from you to enable us to confirm your identity and right to access. However, this is not always absolute. There may be instances by law that require us to refuse to provide some or all personal information that we hold about you. In addition, personal information may have been destroyed, erased or made anonymous in accordance with our record retention obligations and procedures.
Requesting your personal information is free, unless we consider the request to be unfounded, excessive and/or for the purpose of printed material, in which case we may charge a fee to cover the costs.
It is important to us that the information we hold of you is both accurate and current. If your personal information happens to change during our service relationship with you, please contact us and notify of such changes.
You have the right for to have your personal information corrected if it is inaccurate. In some circumstances we may decide to update our records from the time you declared the change and all previous records will remain the same, thus maintaining a log of the change.
If you require access to your information or correction, please contact us at firstname.lastname@example.org.
How to contact us
2 High Street