This privacy notice explains how The Beauty Studio looks after personal information you give us or that we learn by having you as a client and the choices you make about marketing communications you agree we may send you. This notice explains how we do this and tells you about your privacy rights and how the law protects you.
WHAT INFORMATION WE COLLECT ABOUT YOU:
We collect information about you when you book an appointment for a service or treatment, visit the salon for a service or treatment, buy a product or apply for a job, whether contact is online, on paper, by email or over the phone. The information you give us may include your name, address, email address, phone number, relevant history which may suggest that a service or treatment should not go ahead or certain products should not be used (eg allergies, pregnancy, skin conditions).
We operate CCTV across the premises for the safety and security of our clients and staff as well as a deterrent for the purpose of criminal activity.
For clients under the age of 16, we will only keep and use their personal information with the consent of a parent, carer or guardian.
What personal data we collect and why
When arriving for your appointment at the salon we will ask you to complete client record card. We require the below personal details from you and have given a legal reason why we need these.
Your full name - So we can address you in the salon and ensure all communication is with the correct person.
Date of birth - So we can wish you a happy birthday, to help us distinguish 2 clients with identical names and also for the emergency services in case of an emergency whilst at the salon.
Address - To aid the emergency services in case of an emergency whilst at the salon. If any of your loved ones contact us to send you a gift voucher.
Email address - To send booking confirmations and 24 hour reminders as well as email invoices of any services you have received.
Mobile number - To send 24 hour reminders
Medical history including operations, diseases, disorders - Medical history is crucial to allow us to perform our treatments safely and adhere to the terms of our insurance.
Allergies - To ensure nothing we use during a treatment or around you at the salon can cause you harm, irritation or any other complications and to adhere to the terms of our insurance..
Medication - Some medication can be a contraindication to treatment or react with products we use. It is essential we know details to protect you the client and adhere to our insurance terms.
Patch test - This is a skin test we carry out in the salon to test for potential allergic reactions to certain treatments. We keep this on file so all therapists know you are able to have that treatment and in the event of a reaction we know what was used and when.
Treatment history - This is so each therapist can see what and how the last therapist carried out a treatment on you to ensure results are consistent amongst all staff.
Your Consent - We require you to read and sign a paragraph that allows us to obtain this information lawfully from you and legally store it in accordance with GDPR.
Your Contact preferences - If you wish to be on a our mailing list you must opt in otherwise we can not legally send you our newsletters and special offers.
Your consent to use treatments photos - Some of our treatments involve before and after photos on salon devices to aid the client experience and proof of progress/treatment.
Sometimes we like to use these on social media and need your permission to do so. Mainly but not limited to Nails, Eyelashes.
Your signature - To prove it was you that was present in the salon and that you answered all of the above to the best of your knowledge and honestly.
That you agree to Your Body Business holding you data on our digital online booking system database (Ovatu) and on paper form in our secure locked filing cabinets.
HOW INFORMATION ABOUT YOU WILL BE USED
By law, we are allowed to use personal information, including sharing it outside the salon, only if we have a proper reason to do so, for example:
To fulfil a contract with you ie to provide the service or treatment you have requested and to communicate with you about your appointments
When it is in our legitimate interest ie there is a business or commercial reason to do so, unless this is outweighed by your rights or interests
When you consent to it: we will always ask for your consent to hold and use health and medical information.
We will therefore share your information with:
Providers of our salon IT systems: Ovatu and Microsoft
Suppliers of our website: Wix and Google
Marketing emails: Mail Chimp
We DO NOT sell or share your personal data with anyone.
No other third party including our accountant has any client personal data.
We have rigorous data protection and security policies in place with all our suppliers.
Some of the people working in our salon are self-employed.
Where software systems and reception facilities are shared, our self-employed colleagues will have access to your information.
We will not share your information with any other third party without your consent except to help prevent fraud, or if required to do so by law.
We would like to send you information about products and services which may be of interest to you.
We will ask for your consent to receive marketing information.
If you have consented to receiving marketing, you may opt out at a later date.
You have the right at any time to stop us from contacting you for marketing purposes or giving your information to third party suppliers of products or services.
If you no longer wish to be contacted for marketing purposes, please contact us on firstname.lastname@example.org
HOW LONG YOUR INFORMATION WILL BE KEPT FOR
We are required to keep your data for 7 years.
Information about unsuccessful job applicants will be deleted after four months.
CCTV images are automatically deleted after 30 days.
HOW YOUR DATA IS STORED
Your data is in digital and paper form at The Beauty Studio.
Paper copies of consultation forms are stored alphabetically in a locked filing cabinet that only staff of The Beauty Studio have access to.
Digital information is stored using Ovatu online booking system with cloud software and is password protected. Only The Beauty Studio Therapist / Receptionist have this password and certain areas are restricted even further to management only.
Electronic devices at The Beauty Studio comprise of an main reception Computer to operate Ovatu software, iPhone and iPad all of which are password protected and none contain client personal data.
The phone and tablet contain client images from previous treatments with client permission and are not used for any marketing purposes other than agreed by the client in their consultation form.
Photos do not contain personal details.
YOUR RIGHT TO ACCESS OR ERASE
Your data control officer for The Beauty Studio is Hannah Smith.
In the event of a breach of personal data you will be contacted by the above mentioned person within 72 hours of discovery.
You have the right to be forgotten.
If at anytime you no longer wish to be on The Beauty Studios database that's no problem, simply send an email to email@example.com and we will remove your digital file and then cross shred your paper file and ensure if you opted onto our mailing list that this is also removed.
You have the right to access your personal data that The Beauty Studio holds and the right to rectification if it is incomplete, incorrect or out of date.
You also have the right to Data portability if you wish us to transfer some personal data if you a moving towns to another salon.
You also have the right to object to processing and direct marketing. Your data can remain in one place but not used.
We use Ovatu and Mail Chimp to send email e-newsletters to inform you about products, services and treatments provided by our salon.
You have the opportunity to unsubscribe from e-newsletters at any time (check the bottom of the email).
E-newsletters may contain subscriber tracking facilities within the actual email, for example, whether emails were opened or forwarded, which links were clicked on within the email content, the times, dates and frequency of activity.
We use this information to refine future email campaigns and provide you with more relevant content based around your activity.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This is used to track visitor use of the website and to compile statistical reports on website activity.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser.
However, in a few cases some of our website features may not function as a result.
CHANGES TO OUR PRIVACY NOTICE
We keep our privacy notice under regular review and we will place any updates on this website or on the printed copy.
This privacy notice was last updated on 22nd May 2018.