This Privacy Notice explains in detail the types of personal data we may collect about you when you interact with us. It also explains how we’ll store and handle that data, and keep it safe.
We know that there’s a lot of information here, but we want you to be fully informed about your rights, and how Handsome & Gorgeous Ltd use your data.
We hope the following sections will answer any questions you have but if not, please do get in touch with us.
It’s likely that we’ll need to update this Privacy Notice from time to time. We’ll notify you of any significant changes, but you’re welcome to come back and check it whenever you wish.
When you are using the Handsome & Gorgeous website, Handsome & Gorgeous Ltd is the data controller.
For simplicity throughout this notice, ‘we’ and ‘us’ means Handsome & Gorgeous Ltd.
Who we are:
Handsome & Gorgeous is a Hair, Beauty and Sunbed Salon.
Handsome & Gorgeous is registered in England and Wales with its registered office at:
65 South Street, Bishop’s Stortford,
Hertfordshire CM23 3AL
We pride ourselves on offering World Class Customer Service to each and every one of our male and female clients. A warm, friendly welcome awaits you and every treatment is carried out with a thoroughly professional and caring approach in mind.
Our aim is to provide you with an experience that exceeds your expectation, where nothing is ever too much for us.
We love what we do and will offer you an ethical and well-cared-for service.
This policy will explain what information we collect about you and how we use it, as well as your rights.
We are 100% committed to delivering great service standards and excellent customer service.
An explanation of the legal basis we rely on:
The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:
In specific situations, we can collect and process your data with your consent. When collecting your personal data, we’ll always make clear to you which data is necessary in connection with a particular service.
In certain circumstances, we need your personal data to comply with our contractual obligations. For example, if you order an item from us such as a Gift Card online for delivery, we’ll collect your address details to deliver your purchase, and pass them to our courier.
If the law requires us to, we may need to collect and process your data. For example, we can pass on details of people involved in fraud or other criminal activity to law enforcement.
In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. For example, we will use your purchase / service history to send you or make available personalised offers.
When do we collect your personal data and how?
Here at Handsome & Gorgeous we take privacy very seriously and only use the information we collect to provide our services. We do not share or sell the information that we collect for any other purpose than providing the best possible service for our clients. At any time, you may request a copy of the information we have recorded about you. You may also request we remove all identifiable information with respect to yourself. As a matter of course, we will delete your identifiable information if you have not undertaken business with us after 6 years.
We collect information about you when you book an appointment for a service or treatment, visit the salon for a service or treatment, buy a product or apply for a job, whether contact is online, on paper, by email or over the phone.
The information you give us may include your name, address, date of birth, email address, phone number, relevant history which may suggest that a service or treatment should not go ahead or certain products should not be used (eg allergies, pregnancy, skin conditions), payment and transaction information and CVs.
Please note: At the time of registration in the salon you may have been asked or will be asked to provide a signature & fingerprint to confirm and create your unique account. The fingerprint is not a direct copy of your own, instead this is stored as a numerical pattern. We will continue to create accounts in this way however whether you choose to leave a fingerprint will be at your own discretion and is not mandatory.
Other areas where we collect data:
- When you create an account with us.
- When you use your account to buy products by visiting our website, over the phone or in store.
- When you engage with us on social media.
- When you contact us by any means with queries, complaints etc.
- When you enter prize draws or competitions.
- When you choose to complete any surveys we send you.
- When you comment on or review our products and services.
- Any individual may access personal data related to them, including opinions. So if your comment or review includes information about companies we work in conjunction with who provided that service, it may be passed on to them if requested.
- When you fill in any forms, for example treatment forms, we may collect your personal data.
- When you’ve given a third party permission to share with us the information they hold about you.
- When you use our salon, which has CCTV systems operated for the security of customers, employees and visitors and to prevent crime. These systems may record your image during your visit.
- Payment card information.
- Your social media username, if you interact with us through those channels, to help us respond to your comments, questions or feedback.
- When you contact us by telephone, we may record and monitor calls for security and training purposes; these calls may record personally identifiable information.
How and why do we use your personal data?
We request the minimum level of personal information to run our business effectively. This is data you provide to us directly, for example, your name, contact details and date of birth. We will never obtain information about you indirectly from sources outside our business. We store notes with respect to services we undertake to ensure we maintain and exceed our level of service. For example, your preferred hair style, colour formula codes, how you like your coffee and who your favourite stylists / therapists are, and any information that you provide us with from consultation forms. We consider you have provided consent for us to store personally identifying information and information about your services based on you receiving services from us. Depending on the particular service(s) we are providing we may be required to ask questions related to your medical history. We will obtain your consent prior to storing information related to your medical history. Examples of medical data may be allergies, pregnancy or an injury that may impact our service.
How we protect your personal data
We know how much data security matters to all our customers. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it. Access to your personal data is password-protected, and sensitive data such as payment card information is stored securely for a limited time and then destroyed.
Your information is stored on secure servers provided by Phorest Salon Software (our salon system) and Green Stripe Media (website). Any payment transactions are encrypted. Sending information via the internet is not completely secure, although we will do our best to protect your information and prevent unauthorised access.
CCTV images are held securely on site.
We regularly monitor our system for possible vulnerabilities.
How long will we keep your personal data?
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected. We’ll keep the personal data you give us for seven years so we can comply with our legal and contractual obligations.
At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
Who do we share your personal data with?
We sometimes share your personal data with trusted third parties, for example our salon software provider and our IT / website provider.
Here’s the policy we apply to those organisations to keep your data safe and protect your privacy:
- We provide only the information they need to perform their specific services.
- They may only use your data for the exact purposes we specify in our contract with them.
- We work closely with them to ensure that your privacy is respected and protected at all times.
- If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
Examples of the kind of third parties we work with are:
- IT companies who support our website and other business systems.
- Operational companies such as our salon software provider.
- Google/Facebook to show and share recent refers.
What are your rights over your personal data and access to it?
You have the right to request a copy of the personal information that we hold about you. This will normally be free, unless we consider the request to be unfounded or excessive, in which case we may charge a fee to cover our administration costs.
If you would like a copy of some or all of the personal information that we hold about you, please contact Mandy Vaughan on email@example.com.
We want to make sure that your personal information is accurate and up-to-date. You may ask us to correct or remove information that you think is inaccurate.
You have the right to ask us to stop the use of your personal information, or to ask us to delete, remove or stop using your personal information if there is no need for us to keep it.
How you can stop the use of your personal data for direct marketing:
There are several ways you can stop direct marketing communications from us:
- Click the ‘unsubscribe’ link in any marketing email communication that we send you.
- Contact our Team by telephone on 01279 658213 or email at firstname.lastname@example.org
Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.
For transparency, listed below are the business services we provide for your appointments and how each service uses the information we collect.
Appointment confirmations and reminders:
We will contact you via phone, email or SMS to confirm appointments booked and remind you of upcoming appointments. We consider you having made the appointment as consent to undertake this activity but, if you want, you may opt-out at any time.
Appointment ratings and reviews:
After visiting us we may send you an email or SMS asking you to rate our services and provide feedback. We consider your agreement and participation in the service as consent to undertake this activity but, if you want, you may opt out at any time.
We consider becoming a member of our loyalty program as consent to send you emails related to the loyalty program but, if you want, you may opt out at any time.
We will not undertake phone, mail, email or SMS marketing without you first providing consent for us to do so. For anyone already on our database, an email has been sent informing you of what to do should you wish to stop or keep receiving emails from us. All new clients going forward will be able to opt in or out of SMS and email communications when registering with us.
You have the opportunity to unsubscribe from email and SMS marketing at any time.
E-newsletters may contain subscriber tracking facilities within the actual email, for example, whether emails were opened or forwarded, which links were clicked on within the email content, the times, dates and frequency of activity. We use this information to refine future email campaigns and provide you with more relevant content based around your activity.
Data processors and data locations:
We use leading software solutions within our business to provide the services listed above. These software solutions store and process our service and client data on servers in numerous locations outside our business premises. For a list of software providers and data storage locations, please email us at email@example.com requesting this information.
You may come across hyper-links on our site. These hyper-links may take you to sites operated by other organisations which you agree we are not responsible for. When preparing our website we have taken every care possible. However, we have no control over any of the information you can access via other web sites and, in particular, we are not responsible for the privacy policies adopted by such other websites. Therefore, no mention of any organisation, company or individual to which our web site is linked shall imply any approval or warranty as to the standing and capability of any such organisations, company or individual on the part of Handsome & Gorgeous. When you link to other websites you should read their own privacy notices.
Contacting the Regulator:
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling 0303 123 1113 or go online to www.ico.org.uk/concerns (please note we can’t be responsible for the content of external websites).
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.
Any questions or how to contact us?
We hope this Privacy Notice has been helpful in setting out the way we handle your personal data and your rights to control it. If you have any questions that haven’t been covered, please contact us.
You may contact us at firstname.lastname@example.org to:
- Request information we have stored about you.
- Request we remove all identifying information about you.
- Make a complaint.
Handsome & Gorgeous is committed to high standards of information security, privacy and transparency. We place a high priority on protecting and managing your data in accordance with accepted standards. The company will comply with applicable GDPR regulations, whilst ensuring we commit to these key areas:
What personal data we collect/store, making sure it’s relevant.
Obtaining it fairly and being clear about the purpose and use of the data given to us, with the correct consent sought to use that data if needed, i.e. email, SMS.
We will ensure we aren’t holding the data for any longer than is necessary, as well as keeping it up to date.
We keep the data safe and secure using an appropriate level of security.
If collecting or processing any special categories of personal data, such as ‘Sensitive Personal Data / Medical information’ we process this in accordance with guidelines.
Finally, if you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.