Our contact details
The categories of personal data we collect and use include:
You provide information when you contact us by phone, email, or post or when you communicate with us via social media.
Information about electronic communications you receive from us. Including whether that communication has been opened and if you have clicked on any links within that communication.
Answers you provide when you respond to competitions, votes and surveys, or you may disclose other personal data to us when you use our website or social media links at any time.
Sources of personal data
We will receive your data when you provide it to us yourself or when you use or purchase our products.
How we use your data
As necessary, to comply with a legal obligation for the following purposes:
Where you exercise your rights under data protection law and make requests and comply with any legal obligation, any lawful request from government or law enforcement officials and as may be required to meet national security or law enforcement requirements or prevent illegal activity.
As necessary, for our legitimate interests in providing information about our products and ensuring we operate in a commercially suitable way tailored to your use and interests, for the following purposes:
To provide you with product information.
To verify your identity for security purposes.
To help us to ensure our customers are genuine and to prevent fraud.
To ensure the security of our websites, mobile applications and other technology systems.
To provide you with information about our products, to contact you about administrative matters, and to manage and respond to any queries or complaints you make or any correspondence you send us.
To market our products and services from other clinics/salons representing our brand, including sending marketing communications.
For market research and statistical analysis and to analyse the use of our services/products so we can improve them.
Based on your consent, for the following purposes:To send you marketing communications.
Sharing your personal data
We will share your personal data with other companies who represent our brand in order to give the most up-to-date information on locations that offer our product and the pricing of treatments. We will also disclose your data to third parties in the following circumstances: If we are under a duty to disclose or share your personal data to comply with any legal obligation, any lawful request from government or law enforcement officials may be required to meet national security or law enforcement requirements or prevent illegal activity.
To protect our rights or the rights of a third party.
To protect the safety of any person or to prevent any illegal activity.
To protect our rights, property, or safety, our customers or other persons may include exchanging personal data with other organisations for fraud protection and credit risk reduction.
Save as detailed above in this section; we will never share, sell or rent your personal data to any third party without notifying you and obtaining your consent.
How long do we keep your personal data?
We will generally retain your data for as long as you use our products/services and for up to two years after your last use of our products/services. Or your previous interaction with us (for example, the last time you opened an electronic communication from us or visited one of our websites).
We will retain your personal data for longer if we believe we need them to respond to any claims to protect our rights or the rights of a third party. We will retain your personal data for longer if we are required to keep them to comply with applicable laws.
We will always retain your personal data following data protection law and only keep your personal data for a short time.
Automated decision-making and profiling
To create marketing profiles, we will combine any personal data about you that we receive from you and other companies affiliated with our brand.
Marketing profiles include personal data such as Information about Products/Services you have purchased previously. For example, we may analyse the personal data of people who have purchased a particular product/service and then compare them with others in our database. Suppose we identify people in our database with similar personal data to the original product users/purchasers. In that case, we may then target marketing about that event to the new people we have identified in our database, for example, by sending direct marketing emails. We may conduct the profiling and send direct marketing emails automatically.
The third-party processor we use is as follows:
- Constant Contact
We conduct these automated decision-making and profiling activities for our legitimate interests in providing our Products/Services and ensuring they operate in a commercially suitable way tailored to your use.
We will ensure that the automated decision-making and profiling do not produce legal effects concerning you or similarly significantly affects you.
You may contact our Data Protection Officer by email at firstname.lastname@example.org at any time to:·
Request that we provide you with a copy of the personal data which we hold about you.
Request that we update any of your personal data which is inaccurate or incomplete.
Request that we delete any of your personal data which we are holding.
Request that we restrict the way that we process your personal data.
Request that we provide your personal data to you in a structured, commonly used and machine-readable format.
Object to us personal processing data based on our legitimate interests, including profiling; or object to us processing your personal data for direct marketing purposes.
Your request must include your name, email address and postal address, and we may request proof of your identity. Please allow at least seven working days for us to process your request.
Withdrawing your consent
Where we are processing your personal data based on your consent, you may change your mind and withdraw your consent at any time. You can withdraw your consent to receive marketing communications by clicking on the unsubscribe link in an email.
Right to complain to a supervisory authority.
You may also complain to a supervisory authority for data protection matters. In the UK, this would be the UK Information Commissioner’s Office (https://ico.org.uk/). Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
How do we protect your personal data?
We use industry-standard technical and organisational security measures to protect your data. We keep your personal data secure by implementing policies, procedures and access controls so that only authorised members of our staff can access your personal data. We protect our information technology systems with firewalls, anti-virus, anti-malware software, and other information security technology solutions.
We cannot guarantee the security of your personal data when you transmit it to us. For example, if you email us your personal data, you should be aware that email is not a secure transmission method. As such, you acknowledge and accept that we cannot guarantee the security of your personal data transmitted to us and that any such transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to prevent unauthorised access.
Cookies and tracking technologies.
To analyse the traffic to our websites (for example, we can count how many people have looked at a specific page or see how visitors move around the website when they use it, and use this information to improve the website).