Positive Skin may be referred to in this document as (“We”, “Our”, “Us”)
This privacy notice explains how I, Kay Cooper, trading as Positive Skin, looks after personal information you give me or that I learn by having you as a client and the choices you make about marketing communications you agree I may send you. This notice explains how I do this and tells you about your privacy rights and how the law protects you.
What information I collect about you
How information about you will be used
How long your information will be kept for
Where your information is kept
Access to your information and correction
Changes to my privacy notice
How to contact me
WHAT INFORMATION I COLLECT ABOUT YOU
I collect information about you when you book an appointment for a service or treatment, visit the salon for a service or treatment or buy a product. Whether contact is online, on paper, by email or over the phone.
The information you give me may include your name, address, email address, phone number, relevant history which may suggest that a service or treatment should not go ahead or certain products should not be used (eg allergies, pregnancy, skin conditions), payment and transaction information, IP address.
For clients under the age of 16, we will only keep and use their personal information with the consent of a parent, carer or guardian.
HOW INFORMATION ABOUT YOU WILL BE USED
In law, I am allowed to use personal information, including sharing it outside the salon, only if I have a proper reason to do so, for example:
To fulfil a contract with you ie to provide the service or treatment you have requested and to communicate with you about your appointments
When it is in our legitimate interest ie there is a business or commercial reason to do so, unless this is outweighed by your rights or interests
When you consent to it: I will always ask for your consent to hold and use health and medical information. This information will never be shared.
I will therefore share your information with:
Providers of my salon IT systems: Ovatu Pty Ltd
Suppliers of website: Wes And Co
Marketing emails: MailChimp
ChatBox Provider: Manychat Inc
My providers have their own GDPR privacy policies to unsure they are up to date with the law.
I will not share your information with any other third party without your consent except to help prevent fraud, or if required to do so by law.
I would like to send you information about products and services which may be of interest to you. I will ask for your consent to receive marketing information.
If you have consented to receiving marketing, you may opt out at a later date.
You have the right at any time to stop me from contacting you for marketing purposes.
This will not include text message reminders of appointments or aftercare emails, as this contact is included within the service package.
HOW LONG YOUR INFORMATION WILL BE KEPT FOR
Unless you request otherwise, I will keep your information to contact you no more than 1 year from your last visit to the salon.
After a year I will archive all your personal information, except for your name, relevant client history (eg allergy test records) which will be kept for 7 years, for insurance purposes and financial transactions (which I am are obliged to keep for 6 years).
WHERE YOUR INFORMATION IS KEPT
Your information is stored within the European Economic Area on secure servers provided by Timely Salon Software. Any payment transactions are encrypted by Square. Sending information via the internet is not completely secure, although we will do our best to protect your information and prevent unauthorised access.
ACCESS TO YOUR INFORMATION AND CORRECTION
You have the right to request a copy of the personal information that I hold about you.
If you would like a copy of some or all of your personal information, please contact me, by email email@example.com.
I want to make sure that your personal information is accurate and up-to-date. You have the right to ask me to correct or remove information you think is inaccurate.
You have the right to ask me to object to my use of your personal information, or to ask me to delete, remove or stop using your personal information if there is no need for me to keep it.
E-NEWSLETTER via MailChimp
I email a monthly newsletter about products, treatments, special offers and blogs about what is happening with the salon, this is via MailChimp, you can opt out from this at any time.
E-newsletters may contain subscriber tracking facilities within the actual email, for example, whether emails were opened or forwarded, which links were clicked on within the email content, the times, dates and frequency of activity. I use this information to refine future email campaigns and provide you with more relevant content based around your activity.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This is used to track visitor use of the website and to compile statistical reports on website activity. For further information visit www.aboutcookies.org or www.allaboutcookies.org
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of my website features may not function as a result.
CHANGES TO MY PRIVACY NOTICE
I keep my privacy notice under regular review and I will place any updates on this webpage or on the printed copy. This privacy notice was last updated on 9th April 2020.
HOW TO CONTACT US
Please contact me if you have any questions about my privacy notice or information I hold about you:
By email firstname.lastname@example.org
By post Kay Cooper, Suite 1 Third Avenue, Westfield Court, Westfield Trading Estate, Midsomer Norton
You also have the right to complain to the Information Commissioner’s Office. Find out on their website how to report a concern:
DATA RETENTION POLICY
This policy sets out what information Kay Cooper, trading as Positive Skin, holds, how long I hold it for and when it will be deleted.
It also covers the procedure to follow regarding data requests.
Information held by us
How long is personal data held for?
Where is personal data held?
How is personal data deleted?
Access to personal information, correction and deletion
INFORMATION HELD BY ME
I hold personal information about:
Former clients and prospective clients
I also hold information about financial transactions relating to these eg services or treatments provided, products bought.
HOW LONG IS PERSONAL DATA HELD FOR?
I aim not to hold personal data longer than necessary.
Unless requested by an individual, the following types of data will be held for the periods shown below, after which it will be securely deleted or destroyed:
TYPE OF INFORMATION RETENTION PERIOD
Client general records 7 years
Financial transactions, invoices and supplier details 6 years
WHERE IS PERSONAL DATA HELD?
Personal data about clients and financial transactions are held on our secure salon software system which is backed up every day or held in secure electronic files electronically which can be accessed only by myself.
Paper records are held in a locked cabinet or in secure archive storage.
HOW IS PERSONAL DATA DELETED?
Personal data is permanently deleted in accordance with the retention periods listed above from:
Salon software system
Paper records, which are securely shredded.
ACCESS TO PERSONAL INFORMATION, CORRECTION AND DELETION
See my privacy notice
All requests for access to personal information will have to be written.
Responses to requests will be made within 30 days.
All information relating to the individual will be compiled into a report and collected from:
Salon software system
Other electronic records
Paper records (where applicable)