top of page

Privacy Notice

This privacy notice explains how I look after personal information you give me or that I learn by having you as a client and the choices you make about marketing communications you agree I may send you.  This notice explains how I do this and tells you about your privacy rights and how the law protects you.

 

TOPICS:

  • What information I collect about you

  • How information about you will be used

  • Marketing

  • Employment

  • How long your information will be kept for

  • Where your information is kept

  • Access to your information and correction

  • Changes to our privacy notice

  • How to contact us

WHAT INFORMATION WE COLLECT ABOUT YOU

I collect information about you when you book an appointment for a service or treatment, visit the salon for a service or treatment, buy a product or apply for a job, whether contact is online, on paper, by email or over the phone. 

The information you give me may include your name, address, email address, phone numbers, relevant history which may suggest that a service or treatment should not go ahead, or certain products should not be used (e.g. allergies, pregnancy, skin conditions), payment and transaction information, and CVs.

For clients under the age of 16, I will only keep and use their personal information with the consent of a parent, carer or guardian.

HOW INFORMATION ABOUT YOU WILL BE USED

In law, I am allowed to use personal information, including sharing it outside the salon, only if I have a proper reason to do so, for example:

  • To fulfil a contract with you i.e. to provide the service or treatment you have requested and to communicate with you about your appointments

  • When it is in my legitimate interest i.e. there is a business or commercial reason to do so, unless this is outweighed by your rights or interests

  • When you consent to it: I will always ask for your consent to hold and use health and medical information.

Lawful Basis for collecting information: 

  • Name and telephone numbers                                                        Performance of Contract

  • Address                                                                                           Legitimate Interest

  • Date Of Birth                                                                                    Performance of Contract- some treatments by law require a minimum age limit to be able                                                                                                  to carry out the service, so we need to confirm age of customer

  • Medical History / Allergy information                                               Performance of Contract - some conditions prohibit certain treatments, so we need to                                                                                                          be aware of this information

  • Photographs of any services                                                           Legitimate interest - these images may be shared on my social media site (Facebook,                                                                                                          Twitter, Pinterest & Instagram) , or my web site I will always obtain consent before                                                                                                                any images are taken or published

I have rigorous data protection and security policies in place with all our suppliers.

I will not share your information with any other third party without your consent except to help prevent fraud, or if required to do so by law. 

I do not share your information with any third parties, all information held is purely for the sole use of me to carry out my contracts of service with you.

MARKETING

I may like to send you information about products and services which may be of interest to you from time to time.  I will ask for your consent to receive marketing information.

If you have consented to receiving marketing, you may opt out at a later date.

You have the right at any time to stop us from contacting you for marketing purposes. If you no longer wish to be contacted for marketing purposes, please contact maxineknott@outlook.com or contact the salon.

HOW LONG YOUR INFORMATION WILL BE KEPT FOR

Unless you request otherwise, I will keep your information to contact you  for a maximum of 2 years from your last visit to the salon. 

After 2 years I will delete all your personal information, except for your name, relevant client history (e.g. allergy test records which we keep for 4 years) and financial transactions (which we are obliged to keep for 6 years).

Information about unsuccessful job applicants will be deleted after four months.

See my data retention policy for further information.

WHERE YOUR INFORMATION IS KEPT

Any and all paper records will be stored in a locked cabinet within a locked room and access will be recorded.

Sending information via the internet is not completely secure, although I will do my best to protect your information and prevent unauthorised access.

ACCESS TO YOUR INFORMATION AND CORRECTION

You have the right to request a copy of the personal information that I hold about you.  This will normally be free, unless I consider the request to be unfounded or excessive, in which case I may charge a fee to cover my administration costs.  

If you would like a copy of some or all of your personal information, please contact Maxine Knott by post or email maxineknott@outlook.com

I want to make sure that your personal information is accurate and up-to-date.  You may ask me to correct or remove information you think is inaccurate.

You have the right to ask me to object to our use of your personal information, or to ask me to delete, remove or stop using your personal information if there is no need for me to keep it.

CHANGES TO OUR PRIVACY NOTICE

I keep our privacy notice under regular review and I will place any updates on this webpage.  This privacy notice was last updated on 21st May 2019.

HOW TO CONTACT US

Please contact us if you have any questions about my privacy notice or information I hold about you:

  • By email maxineknott@outlook.com

  • Or write to me at Nu U Beauty,Rooms 7 & 7a, 13 Church Street, Old Chapel Court, Oswestry, Shropshire, SY11 2SU

You also have the right to complain to the Information Commissioner’s Office.  Find out on their website how to report a concern:

www.ico.org.uk/concerns/handling

Data Retention Policy

This policy sets out what information I hold, how long I hold it for and when it will be deleted. 

It also covers the procedure to follow regarding data requests.

  • Information held by me

  • How long is personal data held for?

  • Where is personal data held?

  • How is personal data deleted?

  • Access to personal information, correction and deletion

INFORMATION HELD BY ME

I hold personal information about:

  • Clients

  • Former clients and prospective clients

  • Employees

  • Job applicants

I also hold information about financial transactions relating to these e.g. services or treatments provided, products bought..

HOW LONG IS PERSONAL DATA HELD FOR?


I aim not to hold personal data longer than necessary.

Unless requested by an individual, the following types of data will be held for the periods shown below, after which it will be securely deleted or destroyed:

TYPE OF INFORMATION                                                                      RETENTION PERIOD

Client general records                                                                               3 years

Client health records                                                                                 4 years

Financial transactions, invoices and supplier details                                6 years

Job applications (unsuccessful)                                                                4 months after notifying unsuccessful candidates

Emails                                                                                                       One year from the end of the month in which they were received or sent unless a                                                                                                                        longer period is relevant as above. 

WHERE IS PERSONAL DATA HELD?
 

Personal data about clients, financial transactions are held on paper records are held in a locked cabinet, in a locked room.

Personal employees are held on paper records are held in a locked cabinet, in a locked room, which can be accessed only by the owner.

Paper records are held in a locked cabinet in  locked room.

HOW IS PERSONAL DATA DELETED?

Personal data is permanently deleted in accordance with the retention periods listed above from:

  • Emails

  • Paper records, which are securely shredded. 

ACCESS TO PERSONAL INFORMATION, CORRECTION AND DELETION

See my privacy notice at www.nuubeauty.com or contact Maxine Knott at the salon for a paper copy.

All requests for access to personal information will be handled by the owner. 

Responses to requests will be made within 30 days.

All information relating to the individual will be compiled into a report and collected from:

  • Financial transactions

  • Emails

  • Paper records (where applicable)

bottom of page