Privacy Policy for The Strand Salon
At The Strand Salon, your privacy is of paramount importance to us. This Privacy Policy outlines how we collect, use, disclose, and protect information gathered through our services and this online platform. We are committed to transparency and compliance with relevant data protection laws, including the UK General Data Protection Regulation (UK GDPR).
1. Information We Collect
We collect personal information directly from you when you interact with us, whether by booking an appointment, visiting our salon, or communicating with us. The types of personal data we may collect include:
- Client Data: Name, contact details (phone number, email address), and appointment history.
- Service-Related Information: Details about your hair type, preferences, past treatments, and any allergies or sensitivities relevant to the services we provide (e.g., hair colour sensitivities). This information is collected to ensure the safety and quality of our hairdressing services (haircuts, styling, colouring, perms, treatments, etc.).
- Communication Data: Records of your correspondence with us via phone, email, or in-person.
- Payment Information: While we process payments for services, we do not store full payment card details on our systems. Transactions are securely processed through third-party payment processors.
2. How We Use Your Information
We use the information we collect for various purposes, primarily to provide and improve our hairdressing services:
- To Provide Services: To book and manage appointments (haircuts, styling, colouring, perms, hair treatments, scalp massage, wedding hair, special occasion hair), perform the requested services, and ensure client satisfaction.
- Communication: To send appointment confirmations, reminders, and respond to your inquiries or requests.
- Personalisation: To tailor services and recommendations based on your preferences and previous treatments, ensuring a bespoke experience.
- Safety and Health: To record any allergies or sensitivities to products to prevent adverse reactions during treatments.
- Improvement of Services: To understand how our services are used and to make improvements.
- Legal and Regulatory Compliance: To comply with legal obligations and protect our legitimate business interests.
3. Lawful Basis for Processing
Our lawful bases for processing your personal data include:
- Performance of a Contract: Processing is necessary for the provision of the services you request (e.g., booking and performing hairdressing services).
- Legitimate Interests: For managing our business, improving our services, and communicating with you, provided these do not override your privacy rights.
- Consent: Where required, we will obtain your explicit consent for specific processing activities, such as for marketing communications. You have the right to withdraw your consent at any time.
- Legal Obligation: Where processing is necessary to comply with a legal or regulatory obligation.
4. Data Sharing and Disclosure
We do not share, sell, rent, or trade your personal data with third parties for their marketing purposes. We may disclose your information in the following limited circumstances:
- Service Providers: We may share data with trusted third-party service providers who assist us in operating our business and providing services (e.g., online booking systems, payment processors). These providers are contractually obligated to protect your data and only use it for the purposes for which we disclose it to them.
- Legal Requirements: If required to do so by law or in response to valid requests by public authorities (e.g., a court order or government agency).
- Business Transfers: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
5. Data Retention
We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
6. Your Data Protection Rights (UK GDPR)
Under UK GDPR, you have the following rights regarding your personal data:
- The Right to be Informed: To know how your data is being used.
- The Right of Access: To request a copy of the information we hold about you.
- The Right to Rectification: To correct inaccurate or incomplete personal data.
- The Right to Erasure (ʼRight to be Forgottenʼ): To request the deletion or removal of your personal data where there is no compelling reason for its continued processing.
- The Right to Restrict Processing: To block or suppress the processing of your personal data in certain circumstances.
- The Right to Data Portability: To obtain and reuse your personal data for your own purposes across different services.
- The Right to Object: To object to processing based on legitimate interests or direct marketing.
- Rights in Relation to Automated Decision Making and Profiling: To have human intervention in decision-making and to challenge decisions made solely on automated processing.
To exercise any of these rights, please contact us using the details provided below. We will respond to your request in accordance with applicable data protection laws.
7. Security of Your Information
We implement appropriate technical and organisational measures to protect the personal data we process from unauthorised access, alteration, disclosure, or destruction. This includes secure data storage, restricted access to personal data, and staff training on data protection.
8. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will post any changes on this page, and the updated policy will be effective immediately upon posting. We encourage you to review this Privacy Policy periodically.
9. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:
The Strand Salon
147 Broad Street, Ground Floor
Birmingham, West Midlands
B1 2JR
UK
Phone: 0121 496 0123
10. Right to Lodge a Complaint
You have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk), if you believe your data protection rights have been infringed. We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.