3 High Street

Sedgefield

TS21 2AU

01740 623869

Baroquebeauty@hotmail.co.uk

Home Contact Us Treatments Offers Privacy notice Testimonials

Privacy Notice:

Introduction

This privacy notice tells you how we collect, process and use your personal data.  We, Baroque Beauty Lounge are the data controller and have responsibility for your personal data.

To make this a little easier to follow we have created a separate privacy notice for the use of cookies. Please click here if you would like to read it.


What information do we collect?

Booking information; Full name, email address and contact number.

Transactional information; details of payments made between us and details of purchases made by you.

Treatment information; appointments, full treatment records.

Consultation information; medical and health information, allergies.

Marketing information; full name, email address, mobile number.


How do we collect it?

We collect all of our information directly from you unless a client is under 16, in which case we collect their information from a parent or guardian.


How do we use your personal data?

We only process your data in lawful ways where a clear legal basis exists. Below we have outlined, in a table, our various processing activities and what are legal basis for this processing is.

  










  

















Marketing Communications.

We like to send out updates about our services and products, promotions, special offers, news and events. We do this by email and/or by text and is usually only done once a month. Occasionally we may send out more frequently.

We will only do this if you have opted in to receive these communications. When you make your first booking with us you will receive a welcome email which includes a link in it to update your preferences or you can ask to resend you this link. This link allows you to opt in or if at a later date you change your mind you can use it to opt out. You can also request to opt out by emailing us at baroquebeauty@hotmail.co.uk.


Who might we share your information with?

We would like to stress that we keep your data in the strictest of confidence and have tight policies in place to ensure it is protected. We also will never sell your data to any third parties. However, in order to run our business successfully, we do need to use certain third party processors to carry out services or insurances for us. Any company that processes data on our behalf is obliged to have contracts in place with us, the controller, that meet the requirements of the Information Commissioners Office. We have listed below the companies who process data on our behalf.

Our salon management system is Ovatu and we use this to manage all of your bookings, transactions, treatment records and consultations.

We also use mail chimp to send out email marketing. If you have opted in for us to subscribe you to this then we only share your full name and email address with them.


In the event of a claim against us, we would hand over all records relating to that claim to our insurance company. This is classed as an exemption under the GDPR. More information on this can be found at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/exemptions/



How long do we keep hold of your information?

As per our insurance contracts we must store your full data history for 7 years after your most recent treatment/purchase with us. If you are under 18 at the time of this then we must store your data history for 7 years after the date you turn 18.


How can you access the information we hold about you?

To make a subject access request then please email us at baroquebeauty@hotmail.co.uk. We may ask you a few security questions to confirm your identity.


How can you delete the information we hold about you?

As explained above, we must keep your records for 7 years after your final treatment with us and cannot delete them until then. If you have never had a treatment or made a purchase with us, or it has been over 7 years since you last did you can request for your data to be deleted by emailing us at baroquebeauty@hotmail.co.uk. We may ask you a few security questions to confirm your identity.


How can you update the information we hold about you?

We always email out your consultation form to be updated before your treatment (or give you your paper version in person to update if that’s how you complete yours.) This way your consultation/medical information is always as accurate as possible allowing us to maintain the highest level of safety for your treatments. If your name or any of your contact details change then you can ask us to update them by emailing us at  baroquebeauty@hotmail.co.uk, calling us on 01740 623869 or in person. We may ask you a few security questions to confirm your identity.


How do we keep the data secure?

We have strict policies in place to keep your data secure and all our staff are trained on this as part of their induction and through ongoing training. We keep all paper copies of your data in our office which has an automatically locking door. If we need to delete your paper information, we shred it first. For electronic security, we have several levels of protection. The computer in reception is password protected and is locked whenever it is left unsupervised. Our booking system is also password protected and locks us out after several minutes of not being used on a pc or laptop. We do use the booking systems on our phones and each individual staff member has their own log in and must enter their password every time the open the app. It will automatically lock them out if they are inactive for 30 seconds or close the app. So even if their phones are lost, your data is safe. We change all of our passwords and revoke all access privileges as soon as a staff member ceases employment. As part of their processing contract with us, our booking system uses several levels of security and encryption to further protect your data -please contact us if you would like to know more about this.


If there were to ever be a data breach that affects you, we will follow all legal requirements to notify the Information Commissioner’s Office and yourself.

Baroque Beauty Lounge Sedgefield - Privacy Notice

Purpose/Activity

Type of Data

Legal Basis

To register you as a new client Booking information For the performance of a contract with you.

Booking information


For the performance of a contract with you.  


Managing appointments with you


Booking information

Transactional information

Treatment information

For the performance of a contract with you.

Ensuring treatments are safe and appropriate


Treatment information

Consultation information

Legitimate interests.

Maintaining full treatment records


Booking information

Transactional information

Consultation information

Treatment information

Legitimate interests.

Marketing


Marketing information

Consent