This privacy notice explains how BLEU Beauty and Wellness Ltd. known as BLEU Beauty & Wellness looks after the personal information you give us or that we learn by having you as a client and the choices you make about marketing communications you agree we may send you. This notice explains how we do this and tells you about your privacy rights and how the law protects you.
BLEU Beauty & Wellness Ltd, medical SPA in Shaw Village Centre, Swindon, Wiltshire. Holistic treatments, Beauty services including waxing, facials, manicures, pedicures and Aesthetic treatments including Dermal Fillers & Anti-Wrinkle Injections etc.
• What information we collect about you
• How information about you will be used
• How long your information will be kept for
• Where your information is kept
• Access to your information and correction
• Other websites
• Changes to our privacy notice
• How to contact us
WHAT INFORMATION WE COLLECT ABOUT YOU
We collect information about you when you book an appointment for a service or treatment, visit the salon for a service or treatment, buy a product or apply for a job, whether the contact is in person, online, on paper, by email or over the phone.
The information you give us may include your name, address, email address, phone number, relevant history which may suggest that a service or treatment should not go ahead or certain products should not be used (eg allergies, pregnancy, skin conditions, medical conditions), payment and transaction information, IP address and CVs.
We operate CCTV across the premises for the safety and security of our clients and staff as well as a deterrent for the purpose of criminal activity.
For clients under the age of 16, we will only keep and use their personal information with the consent of a parent, carer or guardian.
HOW INFORMATION ABOUT YOU WILL BE USED
In law, we are allowed to use personal information, including sharing it outside the salon, only if we have a proper reason to do so, for example:
To fulfil a contract with you ie to provide the service or treatment you have requested and to communicate with you about your appointments
When it is in our legitimate interest ie there is a business or commercial reason to do so, unless this is outweighed by your rights or interests.
When you consent to it: we will always ask for your consent to hold and use health and medical information.
We will, therefore, share your information with:
Providers of our salon IT systems SHEDUL and Google Suite
Suppliers of our website: GoDaddy and WIX.com
We have rigorous data protection and security policies in place with all our suppliers.
Some of the people working in our salon are self-employed. Where software systems and reception facilities are shared, our self-employed colleagues will have access to your information.
We will not share your information with any other third party without your consent except to help prevent fraud, or if required to do so by law.
We would like to send you information about products and services which may be of interest to you. We will ask for your consent to receive marketing information.
If you have consented to receive marketing, you may opt out at a later date.
You have the right at any time to stop us from contacting you for marketing purposes or giving your information to third party suppliers of products or services. If you no longer wish to be contacted for marketing purposes, please contact us.
The information we collect about employees, the purposes it is used for and who it will be shared with is set out in our employment contracts and employee handbook.
HOW LONG YOUR INFORMATION WILL BE KEPT FOR
Unless you request otherwise, we will keep your information to contact you no more than 5 times per year for a maximum of 1 year from your last visit to the salon.
After a year we will archive all your personal information, except for your name, relevant client history (eg allergy test records which we keep for 4 years) and financial transactions (which we are obliged to keep for 6 years).
Information about unsuccessful job applicants will be deleted after four months.
CCTV images are automatically deleted after 30 days.
See our data retention policy for further information, including employee data.
WHERE YOUR INFORMATION IS KEPT
Your information is stored within
the European Economic Area; or
in a country which the European Commission has determined provides an adequate level or protection (including via Privacy Shield agreements); or
to service providers who have an agreement with us compliant with the Model Contract Clauses (as defined by the European Union)
on secure servers provided by SHEDUL, GOOGLE and GoDaddy.
Any payment transactions are encrypted. Sending information via the internet is not completely secure, although we will do our best to protect your information and prevent unauthorised access. CCTV images are held securely on site.
ACCESS TO YOUR INFORMATION AND CORRECTION
You have the right to request a copy of the personal information that we hold about you. This will normally be free unless we consider the request to be unfounded or excessive, in which case we may charge a fee to cover our administration costs.
If you would like a copy of some or all of your personal information, please contact Roberta Smith, the Data Protection Officer, by emailing firstname.lastname@example.org. We will process and send you all this information within 30 days.
We want to make sure that your personal information is accurate and up-to-date. You may ask us to correct or remove information you think is inaccurate.
You have the right to ask us to object to our use of your personal information or to ask us to delete, remove or stop using your personal information if there is no need for us to keep it.
RIGHT TO PERMANENT DELETION OF YOUR DATA
You have the right to ask us to permanently delete all the personal information we hold about you. Upon request, we will delete all of your personal data save the financial transactions (which we are obliged to keep for 6 years) and other information that might be required by law to be stored.
E-NEWSLETTERS & SMS
We email e-newsletters & SMS to inform you about products, services and treatments provided by our salon / aesthetic centre. You have the opportunity to unsubscribe from e-newsletters and OptOut from receiving marketing SMSs at any time.
E-newsletters may contain subscriber tracking facilities within the actual email, for example, whether emails were opened or forwarded, which links were clicked on within the email content, the times, dates and frequency of activity. We use this information to refine future email campaigns and provide you with more relevant content based on your activity.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This is used to track visitor use of the website and to compile statistical reports on website activity. For further information visit www.aboutcookies.org or www.allaboutcookies.org
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.
Our website includes links to other websites. This privacy notice only applies to this website so when you link to other websites you should read their own privacy notices.
SOCIAL MEDIA PLATFORMS
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate/engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
SHORTENED LINKS IN SOCIAL MEDIA
This website and its owners through their social media platform accounts may share web links to relevant web pages. By default, some social media platforms shorten lengthy URLs [web addresses] (this is an example: http://tiny.cc/n6futy).
Users are advised to take caution and good judgement before clicking any shortened URLs published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine URLs are published many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links
CHANGES TO OUR PRIVACY NOTICE
We keep our privacy notice under regular review and we will place any updates on this webpage or on the printed copy. This privacy notice was last updated on 21st May 2018.
HOW TO CONTACT US
Please contact us if you have any questions about our privacy notice or information we hold about you:
By email: email@example.com
Or write to us at BLEU Beauty & Wellness, Suite 1A Lucena House, Shaw Village Centre, SN5 5PY
You also have the right to complain to the Information Commissioner’s Office. Find out on their website how to report a concern: www.ico.org.uk/concerns/handling
Phone: 01793 976 616
BLEU Beauty & Wellness,
Suite 1A Lucena House,
Shaw Village Centre,
Swindon. SN5 5PY