General Data Protection Regulations Policy for Deb's Beauty Salon
Deb's Beauty Salon is committed to protecting and processing your personal data in accordance
with the General Data Protection Regulations and the Data Protection Act 2018 ( the legislation ).
For the purposes of the legislation and your personal data, Deb's Beauty Salon, is the data
controller. Deborah Ascroft is the person responsible for data protection and can be contacted at:
Deb's Beauty Salon, 1 Reading Road, Chineham, Basingstoke, RG24 8LN. Tel: 07832 137383
The General Data Protection Regulations are to safeguard your personally identifiable information or
personal data. This policy notice will be regularly reviewed and updated.
Information we collect and hold
The personal data we need to hold include names, addresses, postcodes, contact telephone numbers, contact email addresses and in some cases medical information (age and health conditions), relevant history of treatments. For the clients under the age of 16, we will only keep and use their personal information, with the consent of a parent, carer or guardian.
Why do we need this information?
We need all the details above in order to ensure that it is safe for us to provide the treatments you may ask for, for your protection (as in some cases some information may suggest that certain treatments or products should not be used , e.g. allergies pregnancy, skin conditions) and also for our insurance purposes within our industry. If you do decide not to share your personal data /information, then we’re afraid we cannot offer any treatments at Deb's Beauty Salon.
How long will we retain your information?
We will store your information for a minimum of 7 years by law, again for insurance purposes within our industry. If however, you are no longer attending the salon, at this time the information will be destroyed securely.
How we will use this information?
We will use your information in salon only, in some cases for treatments that you may request (for your safety). The information will never be passed to a third party or sold for marketing purposes of any sort. We may also from time to time contact you with regards to relevant offers, services or promotions that are running within salon (with your consent, and with a signed Deb's Beauty Salon privacy statement). You do not have to consent to contact with regards to offers etc. to still receive treatments and consent for us to contact for relevant offers can be withdrawn at any time by contacting the salon.
Where is data stored ?
Your personal data will be stored safely and securely on paper within salon only.
Lawful basis of processing
There are 6 lawful bases of processing your data which are consent, contract, legal obligation, vital interests, public task and legitimate interests. At least one of these must apply for us to process personal data.
Consent – you have given us clear consent to process your personal data for a specific purpose/to be able to provide your treatments.
Contract – the processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering the contract/you have asked us for a treatment/treatments.
Legal obligation – the processing is necessary for us to comply with the law/insurance purposes.
You have the right to check your personal data, to rectify if you believe the data we hold is inaccurate or incomplete.
We want to make sure that your personal data is accurate and up-to-date at all times. You have the right to ask for your data to be erased/removed (right to be forgotten) for example, where there is no reason for the information’s continued processing or where your consent is withdrawn . We will comply with your request unless we have another basis of processing justifying our retaining the data (for example a legal requirement).
How to contact us:
Please contact us if you have any questions about our policy, concerns or information which we hold about you :
By email: firstname.lastname@example.org
Or write to us at:
Deb's Beauty Salon
1 Reading Road
If you believe we are not handling your data correctly, you also have a right to make a complaint. This should be sent to us using the above details.
If you are unhappy with our response, you should then contact the supervisory authority responsible
for data protection, which is the Information Commissioner’s Office;
Contact by phone: 0303 123 1113
By email: Using the form on the website ico.org.uk