Beauty by Janice Limited understands that you care about how your personal data is used. We respect and value the privacy of everyone who visits this salon and will only collect and use personal data in ways which are described here and in a manner that is consistent with our obligations and your rights under the law. The General Data Protection Regulation (GDPR) is the law governing the processing of personal data and the rights of individuals in connection with their personal data.
Beauty by Janice Limited is the ‘Data Controller’. Beauty By Janice Ltd is a private limited liability company registers in England & Wales under company number 06255949. Our usual place of business is 10 High Street, Flitwick, Bedfordshire, MK45 1DS. Our contact telephone number is 07895 779711 and our e-mail address is firstname.lastname@example.org.
What do we collect?
We keep a record of your name, contact information, address, telephone number, email address and date of birth. All this information is classified as ‘personal data’. In addition, we keep details of medical information which may affect your treatment with us – this is classified as ‘sensitive personal data’.
How do we use your personal data?
We comply with our obligations under GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data. We do not use any form of automated decision making when processing personal data.
We may use your data for any of the following purposes:
- to deal with your request or enquiry;
- to keep records of the treatments you have had, the products you have bought, any allergies or medical conditions you may have which may impact on treatments, to record the settings for treatment machines, etc.;
- to process, administer and take deposits/payment for your appointment(s) and/or product purchase(s);
- to send you appointment reminder text
- to contact you in the rare circumstances of a change to your appointment eg therapist illness;
- for internal record keeping, business administration (including employment of staff), business development and research
- to comply with legal, regulatory and other good governance obligations (including in connection with a court order, government investigation or when otherwise required by law).
WHAT is the legal basis for processing your personal data?
We process medical information with your consent. We process all other personal data because we have a contractual obligation to or because we are required to do so by law or because it is in our legitimate interests.
How and where do we store your data?
Your written client information is stored securely for 5 years. Your data is also held on a pin protected cloud based server based in the UK. Your data is archived 18 months after your last visit to the salon.
Do we share your data?
Your personal data will be treated as strictly confidential. We will not individually share your personal data with any third parties without your consent EXCEPT:
- with the emergency services in case of an emergency; .
- with our insurers and advisers (and any of our suppliers if relevant) in the event of a claim against Us;
- with any other organisation or entity, if we are required by law to do so.
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: –
- the right to request a copy of your personal data which we hold about you;
- the right to request that we correct any personal data if it is found to be inaccurate or out of date;
- the right to request your personal data is erased where it is no longer necessary for us to retain such data;
- the right to withdraw your consent to the processing at any time;
- the right to request that we provide you with your personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability), (where applicable);
- the right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- the right to object to the processing of personal data, (where applicable);
- the right to lodge a complaint with the Information Commissioners Office.
HOW to make a complaint.
To exercise all relevant rights, queries or complaints please in the first instance contact Janice Beal, the owner of Beauty By Janice Limited using the contact details shown in ‘About Us’ above.. If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Office.