The Garden Retreat Privacy Policy
About this Privacy Policy
This policy sets out how The Garden Retreat collects, stores and uses information when you visit the salon, our website and where we otherwise obtain or collect information about you. This Privacy Policy is effective from 25 May 2018.
How we obtain, store and use your information
We collect your data in several ways, as detailed below:-
- In the salon using a printed Client Registration Form, details of all the information we collect can be found under the heading ‘what personal data we collect and why’. All the relevant information including name, address (optional), date of birth, email address, treatment history and any medical conditions or contra indications are kept in a locked filing cabinet within the salon.
- Via our contact form on our website for you to contact the salon with any enquiries. We ask for your name and email address with a comment. Your details are not added to our mailing list.
- Social media – you may contact us via our Facebook or Instagram pages and we will reply but we do not pay to or use your personal data.
What personal data we collect and why
When you arrive for your initial salon appointment we will ask you to complete a client registration form. We require several personal details for the following legal reasons:-
- Your full name, so we can ensure we can communicate with the correct person.
- Date of birth – for the emergency services in case of an emergency whilst at the salon
- Address – optional
- Mobile phone number – to contact in emergencies, send appointment reminders
- Medical history – to ensure we are able to safely carry out treatments on you without causing harm and to adhere to our professional insurance guidelines
- Allergies – to ensure we don’t use any products during a treatment or around you at the salon which could cause you harm or irritation and to comply with our professional insurance guidelines
- Medication – to make sure we do not perform a treatment which may affect/cause irritation to a medical condition or medication and to adhere to our professional insurance organisation
- Patch test – this is a skin test requirement for certain treatments – tinting, lash lifting, tanning and lash extensions to ensure there are no allergies present
- Treatment history – this enables each therapist to see which treatments you have previously received, products used, and to ensure consistency
- Your consent – this is needed for you to confirm and sign all details are correct and you are happy for the salon to hold your details and legally store it under GDPR regulations
- Your contact preferences – this is for you to indicate how or if you would like to be contacted to receive newsletters/special offers. This is optional
- Your signature – to prove all the information you have given the salon is given to the best of your knowledge and honestly and that you agree for us to hold certain information on the salon mobile phone and for the paper copy to be held in our locked filing cabin
How your data is stored
All paper data is stored in a locked filing cabinet within the salon and access is only permitted by senior salon staff. Digital information is also stored on our salon I-phone and our email system on our hp laptop – both are password protected, neither of which contain client’s personal data
How long we hold your personal data for
In line with advice from HMRC and our professional insurers, we keep client information for 7 years from date of visiting the salon. They are kept securely during this time and only relevant employed salon staff have access to this information. We do not share or sell your personal details to anyone.
You can request access to your personal information and can request correction of that information should the information be out of date or incorrect.
The data control officer for The Garden Retreat is Alison Wirth
In the event of a breach of personal data you will be contacted by the above mentioned person within 72 hours of discovery.
You have the right to request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. If at anytime you no longer wish to be on our systems, simply send an email to Alison at thegardenretreat@btinternet.com and I will remove your digital file and then cross shred your paper file. You also have the right to Data portability if you wish us to transfer some personal data. You also have the right to object to processing and direct marketing.
Changes to this Privacy Policy
Any changes we make to this privacy notice in the future will be posted on this page. Please check frequently to see any updates or changes to our privacy notice.