Hue Salon Privacy Statement (GDPR)
Hue Salon is committed to protecting your privacy and security. In line with the requirements of GDPR, this policy explains how and why we use your personal data, to ensure you remain informed and in control of your information.
As of the 25th May 2018, Hue Salon will request its clients to “opt-in” for marketing communications. This is due to a change to the rules which govern how we can communicate with you, and a new regulation on personal data (the General Data Protection Regulation or GDPR) coming into force in May 2018. As a result, Hue Salon is introducing a new approach that relies on you giving us your consent about how we can contact you. This means you’ll have the choice as to whether you want to receive these messages and be able to select how you want to receive them (email, phone, SMS or post).
You can decide not to receive communications or change how we contact you at any time. If you wish to do so please contact Hue Salon via firstname.lastname@example.org or writing to us at, Hue Salon, 2 Gloucester Street, Bath, BA1 2SE
We will never sell your personal data.
Should you have any questions in relation to this policy or how we use your personal data, please send them to Hue Salon, 2 Gloucester Street, Bath, BA1 2SE
2. ABOUT US
Your personal data (i.e. any information which identifies you, or which can be identified as relating to you personally) will be collected and used by Hue Salon Ltd.
Hue Salon is located at 2 Gloucester Street, Bath, BA1 2SE. For the purposes of data protection law, Hue Salon will be the controller.
3. WHAT INFORMATION WE COLLECT
Personal data you provide
We collect the data you provide to us. This includes information you give when joining or registering with our online booking system, becoming a client in our salons or communicating with us. For example:
personal details (name, date of birth, email, address, telephone etc.) when you join us a client;
financial information (payment information such as credit/debit card. Please see section 8 for more information on payment security)
Information we generate
We conduct research and analysis on the information we hold, which can, in turn, generate personal data. For example, by analysing your services with us we may be able to build a profile which helps us decide which of our communications are likely to interest you. Section 6 (Research and profiling) contains more information about how we use the information for profiling and targeted advertising.
We may collect information from social media where you have given us permission to do so, or if you post on one of our social media pages.
Sensitive personal data
We do not normally collect or store sensitive personal data (such as information relating to health, beliefs or political affiliation) about our clients. However, there are some situations where this will occur (e.g. if you have an accident at our salon or make an insurance claim against Hue Salon). If this does occur, we’ll take extra care to ensure your privacy rights are protected.
Accidents or incidents
If an accident or incident occurs on our property, at one of our events or involving one of our staff then we’ll keep a record of this (which may include personal data and sensitive personal data)
4. HOW WE USE INFORMATION
We only ever use your personal data with your consent, or where it is necessary in order to:
enter into, or perform, a contract with you;
comply with a legal duty;
protect your vital interests;
for our own (or a third party’s) lawful interests, provided your rights don’t override these.
In any event, we’ll only use your information for the purpose or purposes it was collected for (or else for closely related purposes):
We use personal data to communicate with people, in promoting Hue Salon. This includes keeping you up to date with our news, updates, campaigns and service offers and discounts. For further information on this please see Section 5 (Marketing).
We use personal data for administrative purposes. This includes:
maintaining databases of our clients;
performing our obligations under loyalty membership contracts;
fulfilling orders for goods or services (whether placed online, over the phone or in person);
helping us respect your choices and preferences (e.g. if you ask not to receive marketing material, we’ll keep a record of this).
We carry out research and analysis on our clients, to determine the success of campaigns and marketing, better understand behaviour and responses and identify patterns and trends. This helps inform our approach towards campaigning and makes Hue Salon a stronger and more effective company. Understanding our clients, their interests and what they care about also helps us provide a better experience (e.g. through more relevant communications).
Client research and profiling
We evaluate, categorise and profile personal data in order to tailor materials, services and communications (including targeted advertising) and prevent unwanted material from filling up your inbox. This also helps us understand our clients, improve our company and carry out research. Further information on profiling can be found in Section 6 (Research and profiling).
5. DISCLOSING AND SHARING DATA
We will never sell your personal data. If you have opted-in to marketing, we may contact you with information about our services, but these communications will always come from Hue Salon and are usually incorporated into our own marketing materials (e.g. advertisements in magazines or newsletters).
From 25th May 2018, Hue Salon will ask its clients to “opt-in” for most communications. This includes all our marketing communications (the term marketing is broadly defined and, for instance, covers information about Hue Salon and the services it provides).
This means you’ll have the choice as to whether you want to receive these messages and be able to select how you want to receive them (post, phone, email, text).
You can decide not to receive communications or change how we contact you at any time. If you wish to do so please get in touch by emailing email@example.com or writing to 2 Gloucester Street, Bath, BA1 2SE
What does ‘marketing’ mean?
Marketing does not just mean offering things for sale but also includes news and information about:
our services, promotions and discounts, our staff and the company;
Hue Salon benefits and offers;
our events and activities
products, services and offers
When you receive a communication, we may collect information about you respond to or interact with that communication, and this may affect how we communicate with you in future.
7. RESEARCH AND PROFILING
This section explains how and why we use personal data to build profiles which enable us to understand our clients, improve our relationship with them, and provide a better client experience.
Analysis and grouping
We analyse our clients to determine common characteristics and preferences. We do this by assessing various types of information including behaviour (e.g. previous responses) or demographic information (e.g. age or location).
By grouping people together on the basis of common characteristics, we can ensure that the group is provided with communications, products, and information which is most important to them. This helps prevent your inbox from filling up, and also means we aren’t wasting resources on contacting people with information which isn’t relevant to them.
Profiling to help us understand our clients
We profile clients in terms of services purchased. For example, we keep track of the amount, frequency and type of each person’s service record. This information helps us to ensure communications are relevant and timely.
8. YOUNG PEOPLE
Photographs, pictures, stories and competitions on our website and social media sites.
We will always seek your permission if we use your image on our website or any of our social media sites.
If we publish your child’s photograph we will seek parental permission.
Parental permission: If your child is under 18 then we’ll need permission from you as their parent or guardian for them to appear on our website.
Information for parents
We take great care to protect and respect the rights of individuals in relation to their personal data, especially in the case of children. If your child is under 18, we’ll only use his or her personal data with your consent. This means that, for example, if your child wants to have his or her name or picture featured on our website or social media sites, we’ll need you to confirm you’re happy for us to do so.
Marketing for under 18’s
We won’t send marketing emails, letters, calls or messages to under 18 year-olds.
9. HOW WE PROTECT DATA
We employ a variety of physical and technical measures to keep your data safe and to prevent unauthorised access to or use or disclosure of your personal information.
Electronic data and databases are stored on secure computer systems and we control who has access to information (using both physical and electronic means). Our staff receive data protection training and we have a set of detailed data protection procedures which personnel are required to follow when handling personal data.
If you use a credit card to make a purchase we will pass your credit card details securely to our payment provider Barclaycard.
Of course, we cannot guarantee the security of your home computer or the internet, and any online communications (e.g. information provided by email or our website) are at the user’s own risk.
Where we store information
Hue Salon operates from and is based in the UK and we store our data within the European Union. Some organisations which provide services to us may transfer personal data outside of the EEA, but we’ll only allow them to do if your data is adequately protected.
For example, our booking systems are provided by WIX. As a US company, it may be that using their software results in personal data being transferred to or accessible from the US. The WIX software data is hosted via Amazon Web Services (AWS) which is GDPR compliant. We are certain this data is adequately protected which is why we allow the software data to be hosted here.
How long we store information
We will only use and store information for so long as it is required for the purposes it was collected for. How long information will be stored for depends on the information in question and what it is being used for. For example, if you ask us not to send you marketing emails, we will stop storing your emails for marketing purposes (though we’ll keep a record of your preference not to be emailed).
We continually review what information we hold and delete what is no longer required. We never store payment card information.
11. KEEPING YOU IN CONTROL
We want to ensure you remain in control of your personal data. Part of this is making sure you understand your legal rights, which are as follows:
the right to confirmation as to whether or not we have your personal data and, if we do, to obtain a copy of the personal information we hold (this is known as subject access request);
the right to have your data erased (though this will not apply where it is necessary for us to continue to use the data for a lawful reason);
the right to have inaccurate data rectified;
the right to object to your data being used for marketing or profiling; and
where technically feasible, you have the right to personal data you have provided to us which we process automatically on the basis of your consent or the performance of a contract. This information will be provided in a common electronic format.
Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so.
If you would like further information on your rights or wish to exercise them, please write to Hue Salon, 2 Gloucester Street, Bath, BA1 2SE or email firstname.lastname@example.org
You can complain to Hue Salon directly by using the details set out above.
If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you can complain to the UK Information Commissioner’s Office which regulates and enforces data protection law in the UK. Details of how to do this can be found at www.ico.org.uk