committed to protecting your privacy and personal information and will never
abuse your trust.
- what information is collected
- how information is stored
- how information is used
This is the
definition provided to us by the Information Commission:
applies to ‘personal data’ meaning any information relating to an identifiable
person who can be directly or indirectly identified in particular by reference
to an identifier.
This definition provides for a wide range of personal identifiers to constitute
personal data, including name, identification number, location data or online
identifier, reflecting changes in technology and the way organisations collect
information about people.
The GDPR applies to both automated personal data and to manual filing systems
where personal data are accessible according to specific criteria. This could
include chronologically ordered sets of manual records containing personal
information do we collect?
When you book
an appointment in-salon or over the phone:
- To book an appointment (reserve
Stylist time), you must provide your name and at least one contact phone
number along with information about the services you would like to receive.
All other personal information you provide is optional.
- To receive email correspondence
about your appointments (paperless receipts/appointment reminders/loyalty club
point balance, salon information/updates etc), you must provide your email
address and confirm that you are happy to receive emails from us.
- You may provide additional personal
information such as your postal address, age, gender etc if you choose to,
but this information is not needed to book an appointment and is not used
- You may disclose information
about your business – however this is not personal information which for
the purposes of the GDPR only relates to the personal data of individuals
book an appointment online:
· To book an appointment (reserve
Stylist time), you must provide your name, email address and at least one
contact phone number along with information about the services you would like
· You may provide additional personal
information such as your postal address, age, gender etc if you choose to, but
this information is not needed to book an appointment and is not used for
When a third-party
contacts me on your behalf:
- Personal data provided by a
third party such as your name, contact details and specific circumstances.
visit this website, or interact with this site or the salon via social media:
- Your IP address and browsing
preferences and choices;
- Your name and username and any
comments that you make.
- You may choose to provide us
with additional personal information (for specific appointment booking
information, asking questions etc) if you contact us directly.
When you fill in a contact form on this website:
- Your name, email address and phone number (if you request a call back).
- Any additional information you choose to provide as part of your comments or questions.
receive a Hairdressing service or purchase a retail product:
- To carry out Hairdressing
services and purchase salon retail products, you must provide us with
certain information, such as your name, phone number, payment information
and details of the service you would like or products you would like to purchase.
You may also choose to provide us with additional personal information (specific
service or product information, asking questions, custom adjustments etc).
- During your professional
consultation, we may ask you to provide additional information such as medical/illness/medication/previous
allergic reaction history on the grounds of health and safety and offering
you the best service. What you disclose is your choice.
- You may choose to provide
additional personal information during your professional consultation such
as lifestyle, health or work-related information to help identify suitable
services or prescribe treatments. What
you disclose is your choice.
How do we
personal information may be collected from a number of sources. These include:
- From you when you book an
- From you when you contact or
interact with this site by email or when you communicate through social media.
- From contact forms you may complete.
- From public sources of data
(e.g. the contact details you have chosen to make public on your website
or social media).
- From organisations/bodies you
are connected to or are affiliated with when they provide your information
Why do we
on a number of legal bases to collect, use, and share your information.
- As needed to provide our
services, such as when we use your information to book an appointment,
work with you to discuss services or products during the consultation,
carry out hairdressing services, provide you with paperless receipts/appointment
reminders, to settle disputes, or to provide customer support.
- In relation to salon updates and
paperless receipts/appointment reminders/loyalty point balance
reminders/review questionnaires, the information we hold is based on you
having given your consent, which you may revoke at any
time. For example, in relation to salon updates, you have provided
the email and then verified that it should be stored and used as a basis
for sending you an email for keeping you updated with salon news.
- We also collect information
because of a legitimate interest, if those legitimate
interests are not overridden by your rights or interests, such as
providing and improving our services or ensuring we have correct details
in relation to any public published information about you. We use your
information to provide the services you requested and in our legitimate
interest to improve our services.
- Data relating to any business
transaction arises out of a contractual necessity e.g. so
both you and the salon are fulfilling the obligations set out in supplier
terms and conditions or any contract that may be in place, or if necessary
to comply with a legal obligation or court order or in connection with a
legal claim, such as retaining information about your purchases if
required by tax law
How do we
use your information?
process your data very carefully in order to:
- Book appointments with accurate allocated
- Provide personalised service and
- Record the Hairdressing services
carried out, products used and the cost of services to maintain a detailed
client service history as per our industry requirements.
- Record test results,
contraindications, and incompatibilities as per our industry requirements.
- Record any correspondence and
- Send out important information
relating to salon news and updates.
- Send out client service receipts,
appointment reminders, loyalty club point balance and salon review questionnaires.
- Analyse client demographics to
offer the most relevant services and products.
- Maintain relationships with
individuals and organisations and send messages from time to time in
relation to the salon business.
How is it
personal data will always be treated with respect and is stored in a number of
- In paper files stored securely
in the salon premises.
- In software systems which are
managed on our Windows hardware or on WebWare provided by a third-party
supplier (Shortcuts, MailChimp & Vistaprint).
Who do we
share your information with?
about our customers is important to our business. We share your personal
information for very limited reasons and in limited circumstances, we may share
your data with and/or obtain information from some third parties:
- Our website service provider in
relation to the use of forms and comments on this website and for the
management of cookies on this website;
- Statistical services with
respect to understanding the traffic to the website (such as Google
- Social media providers e.g.
Facebook, Twitter, Instagram – to highlight public news
- Service providers. we engage
certain trusted third parties to perform functions and provide services for
the salon, such as salon software company, Shortcuts or Email automation
platform, Mailchimp. We will share your personal information with these
third parties, but only to the extent necessary to perform these services
(such as booking your appointment, maintaining client visit records, or
sending important salon information).
- Compliance with laws: We may collect,
use, retain, and share your information if we have a good faith belief
that it is reasonably necessary to: (a) respond to legal process or to
government requests; (b) enforce our agreements, terms and policies; (c)
prevent, investigate, and address fraud and other illegal activity,
security, or technical issues; or (d) protect the rights, property, and
safety of our customers, or others.
- Business transfers. If we sell
or merge our business, we may disclose your information as part of that
transaction, only to the extent permitted by law.
We are committed
to protecting your privacy. Under no circumstances do we rent, trade or share
your e-mail address without your consent.
occasionally, clients ask to be put in contact with another client. Rather than
give their email address to you, we inform you that we will forward your
request (using email) to them and leave them to decide how to
of Personal Information Outside the EU
We may store
and process your information through third-party hosting services in the US and
other jurisdictions. As a result, we may transfer your personal information to
a jurisdiction with different data protection and government surveillance laws
than your jurisdiction. If we are deemed to transfer information about you
outside of the EU, I rely on Privacy Shield as the legal basis for the
transfer, as Google Cloud is Privacy Shield certified.
How do we
protect your data?
We take the
security of your data very seriously. Your data cannot be accessed by third
parties other than those providing services as identified in this policy.
We engage reputable service providers to process your data on our behalf for
the purposes of email correspondence, service booking and record keeping,
website and social media provision. They are all under a duty of confidentiality
and are legally obliged to implement appropriate technical and organisational
measures to ensure the security of data in line with the relevant legislation.
do We keep your personal data?
We retain your
personal information only for as long as necessary to provide you with our
required to retain this information to comply with our legal and regulatory
obligations, to resolve disputes, and to enforce our agreements. Nothing is
kept indefinitely. Your personal data is kept under review.
- Correspondence: we periodically
delete contacts and associated emails.
- Blog comments and forms: If the
blog comment is not published or the form submitted is nonsensical, they
- Spam comments are kept for a
period of time prior to reports to Google re. worst offenders.
- Personal data and business
correspondence in relation to all business contracts involving payment is
retained for a minimum of six years after the end of the tax year in line
with the requirements of HMRC.
If you live
in the EU you will always be notified via a cookie ‘banner’ notice that cookies
are used by this site as soon as you alight on the site.
Very many websites, including this one, send you cookies when you visit the
site in order to collect data to track traffic flows. A cookie is a small
amount of data, which often includes a unique identifier that is sent to your
computer or other device browser from a website’s computer and is stored on
your device’s hard drive.
Cookies record information about the location of your IP provider, technical
data about your computer and data about which pages you look at on this website
and how these were accessed. They do NOT tell Vistaprint or us who the
person is or anything else about the person viewing the site. If you
have a website or blog yourself then you are probably collecting statistical
data relating to traffic flows in a very similar way.
- First party cookies: Used
to provide basic functionality of our Service, including for
authentication and security purposes, configuration, and support.
- Third party cookies: Used
to enable certain analytics and tracking tools, as well as interest-based
advertising and chat functionality.
- Session cookies: Used to
enable certain analytics and tracking tools, interest-based advertising,
as well as for app configuration, monitoring tools, to pin user session to
a specific server, and to prevent cross site request forgery.
- Persistent cookies: Provides
functionality of first party cookies and third-party cookies across
helps us understand which pages are the most popular and how somebody has
arrived at the site e.g. from a hairdressing forum or via a search on
Google. It also enables us to know what format most people are now using
to view pages which in turn helps us with prioritising design and accessibility
issues on this website
If you are concerned about Cookies you can find out more about how to manage cookies on the
of Email addresses
Policy in relation to email addresses is simple.
We rely on your consent for us to know and use the personal data you supply –
such as name and email address. Your data is always kept safe and secure.
You are also
assured of privacy relating to data collected for statistical purposes – however we are dependent on the
privacy policies of third parties in this respect.
All statistical data collected via this site is initially collected, stored and
analysed by third parties.
We are able to download some data to our own computer. All data collected
is anonymous and is collected solely for statistical purposes, to improve the
service offered and is not used to identify individuals.
reside in certain territories, including the EU, you have a number of rights in
relation to your personal information. While some of these rights apply generally,
certain rights apply only in certain limited cases. We describe these rights
- Access. You may have the right to
access and receive a copy of the personal information we hold about you by
contacting us using the contact information below.
- Change, restrict, delete. You may also have rights to
change, restrict our use of, or delete your personal information. Absent
exceptional circumstances (like where we are required to store data for
legal reasons) we will generally delete your personal information upon
- Object. You can object to (i) our
processing of some of your information based on our legitimate interests
and (ii) receiving marketing messages from us after providing your express
consent to receive them. In such cases, we will delete your personal
information unless we have compelling and legitimate grounds to continue
using that information or if it is needed for legal reasons.
- Complain. If you reside in the EU and
wish to raise a concern about our use of your information (and without
prejudice to any other rights you may have), you have the right to do so with
your local data protection authority.
information and further advice
of EU data protection law, I, Laura Jayne Lundy (salon owner – the
author if this website)
am the data controller of your personal
information and responsible for ensuring compliance with data protection
legislation. If you have a query please contact me in the first instance by email firstname.lastname@example.org
If you have
concerns about the use of your personal data, the Information Commissioners
Office is an independent body set up to uphold information rights in the UK.
They can be contacted through
- their website: www.ico.org.uk or
- their helpline on 0303 123 1113,
- in writing to: Information
Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9