- What information we collect about you
- How information about you will be used
- How long your information will be kept for
- Where your information is kept
- Access to your information and correction
- Other websites
- Changes to our privacy notice
- How to contact us
WHAT INFORMATION WE COLLECT ABOUT YOU
We collect information about you when you book an appointment for a service or treatment, visit the salon for a service or treatment, buy a product, respond to our marketing campaigns or interact with our social media pages, whether contact is in person, online, on paper, by email or over the phone.
The information that we hold may include;
- Basic details including, your name, address, email address, phone number, details on emergency contact.
- Relevant medical history, medical notes (including any doctors consents) which may suggest that a service or treatment should not go ahead or certain products should not be used.
- Treatment history, details of services provided, products used and products purchased.
- Customer experience feedback and reviews.
- Information from customer surveys, competitions and marketing activities.
- Information about complaints and incidents.
- Payment and transaction information.
- IP address.
For clients under the age of 16, we will only keep and use their personal information with the consent of a parent, carer or guardian.
HOW INFORMATION ABOUT YOU WILL BE USED
In law, we are allowed to use personal information, including sharing it outside the salon, only if we have a legitimate reason to do so, for example:
- To fulfil a contract with you e.g. provide the service or treatment you have requested and to communicate with you about your appointments
- For record keeping and administration
- When it is in our legitimate interest e.g. there is a business or commercial reason to do so, unless this is outweighed by your rights or interests.
- When you consent to it e.g. for salon news and marketing emails.
- When visiting the salon to comply with government requirements regarding ‘track and trace’ due to the coronavirus pandemic.
We use a third party Phorest salon software, to help us securely store your personal data and online consultation forms, manage the appointment diary, online booking, salon marketing, emails, text message service and financial information.
Third party providers used by us will only collect and use the information that is necessary to allow them to perform the service they provide to us.
Other third parties we use are;
- Stripe, online card payment processor with our online booking.
- Dermalogica, providers of our skin consultation software.
- WordPress, our website service provider.
- Mailchimp, marketing automation platform.
We will not share your information with any other third party without your consent except to help prevent fraud, or if required to do so by law.
We would like to send you information about salon news, products and services which may be of interest to you. We will ask for your consent to receive marketing information.
If you have consented to receiving marketing, you may opt out at a later date.
You have the right at any time to stop us from contacting you for marketing purposes. If you no longer wish to be contacted for marketing purposes, please use the opt out or unsubscribe link which you will find on all our marketing emails and SMS or contact Karen on 0131 663 2221 or at firstname.lastname@example.org.
The information we collect about employees, the purposes it is used for and who it will be shared with is set out in our employment contracts and employee handbook.
HOW LONG YOUR INFORMATION WILL BE KEPT FOR
We will only keep your personal information and treatment records for as long as necessary and in accordance with the UK and Scottish law.
- Unless you request otherwise, we will keep your information to contact you for marketing received through our consultation process and Phorest salon software, no more than for a maximum of 2 years from your last visit to the salon.
- When you subscribe to Mailchimp marketing through our website or other social media channels, you will continue to receive these marketing email unless you unsubscribe or contact us to request your information be removed.
- Client treatment history and records, medical and contra-indication records etc will be kept for 7 years from the date of your last treatment.
- In the case of minors, we are required to keep treatment history and records, medical and contra-indication records etc for 7 years from the date they turn 18.
- Financial records will be kept for 6 years from the business financial year-end in which payments were made.
WHERE YOUR INFORMATION IS KEPT
Your information is stored within the European Economic Area on secure servers provided by a third-party Phorest Salon Software. Any payment transactions for our online booking system, provided by Phorest are encrypted and processed by a third-party, Stripe. Any paper records are stored securely in the salon or in safe archive storage. We have procedures and security measures in place which restricts access to your information.
Sending information via the internet is not completely secure, although we will at all times endeavour to protect your information and prevent unauthorised access.
ACCESS TO YOUR INFORMATION AND CORRECTION
You have the right to request a copy of the personal information that we hold about you. This will normally be free, unless we consider the request to be unfounded or excessive, in which case we may charge a fee to cover our administration costs.
If you would like a copy of some or all of your personal information, please contact Karen Robertson at email@example.com.
We want to make sure that your personal information is accurate and up-to-date. You may ask us to correct or remove information you think is inaccurate.
You have the right to object to our use of your personal information, or to ask us to delete, remove or stop using your personal information if there is no need for us to keep it.
We email e-newsletters to inform you about salon news, services, treatments, products and offers provided by Peaches Eskbank. You have the opportunity to unsubscribe from e-newsletters at any time.
E-newsletters may contain subscriber tracking facilities within the actual email, for example, whether emails were opened or forwarded, which links were clicked on within the email content, the times, dates and frequency of activity. We use this information to refine future email campaigns and provide you with more relevant content based around your activity.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This is used to track visitor use of the website and to compile statistical reports on website activity. For further information visit www.aboutcookies.org or www.allaboutcookies.org
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.
CHANGES TO OUR PRIVACY NOTICE
We keep our privacy notice under regular review and we will place any updates on this webpage. This privacy notice was last updated on 22 May 2018.
HOW TO CONTACT US
Please contact us if you have any questions about our privacy notice or information we hold about you:
- By email – firstname.lastname@example.org
- Or write to us at – Peaches Eskbank, 5 Lasswade Road, Eskbank, Dalkeith EH22 3DZ
You can find out more information or report a concern on the Information Commissioner’s Office website – www.ico.org.uk.