The data protection officer for the salon is Shirley Newman. You can contact the data protection officer by sending an email to email@example.com or by writing to Shirley Newman, John Newman Hairdressing & Beauty, 19 Bridge Street, Rothwell, Northamptonshire NN14 6JW.
Personal Data Collected
The personal data that we collect is:
· Phone number
· Email address
Purpose and Legal Basis for Processing Your Data
John Newman Hairdressing & Beauty takes your privacy seriously and only use the information we collect to provide our services. We do not share, sell or distribute the information you give to any third parties. We do not use the information we collect for any other purpose than providing the best possible service for our clients. At any time, you may request a copy of information we have recorded about you. You may also request we remove all identifiable information with respect to yourself.
For transparency, listed are the business services we provide and how each service uses the information we collect.
Hair and beauty related services:
We request the minimum level of personal information to run our business effectively, including your name and contact details. We store notes with respect to services we undertake to ensure we maintain and exceed our level of service. For example, your preferred hair style, colour notes and your favourite stylist. We consider you have provided consent for us to store personally identifying information and information about your services based on your receiving services from us. Depending on the particular service(s) we are providing we may be required to ask questions related to your medical history. We will obtain your consent prior to storing information related to your medical history. Examples of medical data include allergies, pregnancy or an injury that may impact our service.
Appointment confirmations and reminders:
We will contact you via phone, email or SMS to confirm appointments booked and remind you of upcoming appointments. We consider your having made the appointment as consent to undertake this activity but, if you want, you may opt out at any time.
Appointment ratings and reviews:
After visiting us we may send you an email or SMS asking you to rate our services and provide feedback. We consider your agreement and participation in the service as consent to undertake this activity but, if you want, you may opt out at any time.
We consider becoming a member of our loyalty scheme as consent to send you emails related to the loyalty scheme but, if you want, you may opt out at any time.
We would like to send you information about products and services which may be of interest to you. We will not undertake email or SMS marketing without you first providing consent for us to do so. Our marketing campaigns are automated and use rules based on services and products purchased and information we collect from you. For example, we may send marketing campaigns related to your birthday, the fact we miss you (you have not visited for 6 months) and other special days like Valentine’s Day and Christmas. Of course, you may opt out of receiving marketing material at any time.
We need to obtain and process your personal data to provide you with our products, services and treatments and to fulfil our business and legal obligations. We will never collect any personal information from you that we do not need or retain any data that is no longer necessary for the purposes specified in this notice.
Where we request sensitive personal data from you (i.e. health or medical data), the reason(s) for the request will be clearly given along with the purposes of the processing. Explicit consent through a signature will always be required for us to obtain and process your health information.
Who is processing my data?
John Newman Hairdressing & Beauty, 19 Bridge Street, Rothwell, Northants NN14 6JW are the data controller and processes your personal information for the purposes laid out in this privacy notice. Phorest, Anglesea Mills, 9 Anglesea Row, Smithfield, Dublin 7, D07 W5NE, Ireland, acts as data processor on behalf of John Newman Hairdressing & Beauty and have access to personal information only in cases that customer support or troubleshooting is required by John Newman Hairdressing & Beauty. Further, they must process the personal information in accordance with this Privacy Notice and as permitted by applicable data protection laws.
Your personal data is processed to:
· Collect specific personal data (name, contact number, email) that is entered into a contract to sell a product or
· Engage in communication with you including confirmation and reminders of appointments, and requests to
cancel or change bookings.
· Ensure a safe service and provide industry standard advice.
· Select relevant offers, promotions and information for you.
· Hold personal data that is required by law or to respond to legal process.
· Hold for insurance purposes.
· Store customer records.
Your Rights as the Individual
If your personal data is held by John Newman Hairdressing & Beauty, you hold particular rights over it. Where you have provided consent for us to contact you as part of our marketing services, you have the right to modify or withdraw your consent at any time by using the unsubscribe option accompanied with all of our direct marketing or by contacting the John Newman Hairdressing & Beauty Data Officer.
You also have the right:
· To be informed of how your personal data will be used before it is collected.
· To access your personal data and to information on how your information is used after it has been gathered.
· To have personal data corrected if it is incomplete, inaccurate or out-of-date.
· To request the removal or deletion of personal data where there is no compelling reason for its continued
· To restrict processing, to ‘block’ processing of your personal data.
· To data portability, having your data moved, copied or transferred from John Newman Hairdressing & Beauty to
another organisation in an easily readable format.
· To object to direct marketing from us.
Process of collection
Your personal data is collected when you provide it to us through Phorest software, our website, over the phone, in the salon, by email, social media, in writing or any other means by which you provide it to us. Information is stored using the Phorest software platform. John Newman Hairdressing & Beauty gives you access to information about your account and bookings through Phorest software, for the limited purpose of viewing and updating that information.
John Newman Hairdressing & Beauty does not collect the personal data of children under the age of 13 without parental or guardian consent. If you believe that we hold any information from or about a child under age 16, please contact John Newman Hairdressing & Beauty and if we cannot immediately obtain appropriate parental or guardian consent, will remove the personal data from storage.
Your personal data is shared only with Phorest representatives in cases that customer support and troubleshooting is required for the salon. John Newman Hairdressing & Beauty do not share your personal information with any third-party without your prior consent, other than those already disclosed in this privacy notice or as part of our legal obligations under the relevant data protection laws.
Use of Data Processors
Data processors are third parties who provide some elements of our business services for us. Where we use a third-party, we have strict agreements in place governing the processing of your personal data, on which no action can be taken without instruction from us. The third-parties with whom we work will never share or disclose your personal information and will hold it securely at all times.
Here is a link to their Privacy Notice.
How Long Do We Keep Your Data?
John Newman Hairdressing & Beauty retains your personal data for as long as necessary to provide you with our services as our client. John Newman Hairdressing & Beauty is required under tax laws to keep your personal data for a minimum of 7 years. Health and Safety records will be retained for 10 years and where we have your consent for marketing purposes, we = will retain the minimum required data until you notify us that you no longer wish to receive such information.
The criteria for which we would continue to process your personal information includes:
· Where there is a legal basis, obligation or legitimate interest to continuing processing your personal information
· Where processing is necessary for the establishment, exercise or defence of legal claims
Transfers of personal information
When your personal data is processed through Phorest software, all of it is held within the EU. Your information is processed by the Phorest software and stored in the Amazon Web Services cloud. During this process your data is encrypted in transit and at rest.
Consequences of not providing your personal information to John Newman Hairdressing & Beauty
In the event that you want to purchase a product or service from John Newman Hairdressing & Beauty certain personal information is required to enter into a contract with you. John Newman Hairdressing & Beauty will not be able to enter into a contract with you to fulfil an attempt to purchase a product or service if you do not provide your personal information. As noted in this privacy statement, we are processing your personal data to comply with legal and statutory obligations and in the performance of a contract. You can always choose not to provide personal information; however, we will be unable to provide certain products, services and treatments in these instances.
Safeguarding your Personal Data
Appropriate measures are taken to protect your personal data from access from unauthorized persons or inappropriate access, internal or external. Your connection to the Phorest system uses a HTTP Secure communication protocol and TLS security. This means all information passed to the Phorest system is encrypted during data input and transfer to the cloud. Any paper files recording your personal data are held in a locked filing cabinet or safe which can only be accessed by authorised personnel in the salon. Employees are only assigned specific access rights and can only access the salon software with the PIN number assigned to them by the management of the salon.
You may come across hyper-links on this site. These hyper-links may take you to sites operated by other organisations which you agree we are not responsible for. When preparing our website, we have taken every care possible. However, we have no control over any of the information you can access via other web sites and, in particular, we are not responsible for the privacy policies adopted by such other websites. Therefore, no mention of any organisation, company or individual to which our web site is linked shall imply any approval or warranty as to the standing and capability of any such organisations, company or individual on the part of John Newman Hairdressing & Beauty.
All design, text, graphics and arrangement thereof are the copyright of John Newman Hairdressing & Beauty or of other copyright owners. Any unauthorised reproduction of the contents of this site without the prior written permission of John Newman Hairdressing & Beauty is strictly prohibited.
You may contact us at firstname.lastname@example.org to:
• Request information we have stored about you.
• Request we remove all identifying information about you.
• Make a complaint.
In the occurrence that you want to make a complaint about how your personal data was gathered, how it is being processed by John Newman Hairdressing & Beauty (or third parties used by John Newman Hairdressing & Beauty) or you are not satisfied about how a complaint has been handled, you retain the right to lodge a complaint directly with the supervisory authority and John Newman Hairdressing & Beauty and also the John Newman Hairdressing & Beauty Data Protection Officer/ GDPR Owner.
Data Protection Supervisory Authority
Data Protection Commissioner, Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
+44 (0) 303 123 1113
John Newman Hairdressing & Beauty Data Protection Officer/GDPR Owner
Shirley Newman, 19 Bridge Street, Rothwell, Northamptonshire, NN14 6JW