WHAT TYPE OF INFORMATION DO WE COLLECT?
We may need to collect and process different information, the following information:
Personal identifiers, contacts and characteristics (for example, name and contact details),
Payment details are collected upon payment of services and and items purchased in our online shop, and,
with consent we take before and after pictures of the treatments which may be used on social media including (but not limited to) Facebook, Instagram, Youtube and Tiktok.
HOW DO WE GET THE PERSONAL INFORMATION AND WHY DO WE HAVE IT?
We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communications); payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile.
Most of the personal information we process is provided to us directly by you for one of the following reasons:
You booked a treatment via one of (but not limited to) the following channels online, in person or over the telephone.
You purchased an item at our online shop
You subscribed to our mailing list
You gave verbal consent
We use the information that you have given us in order to process payments, advertise our services on our website/social media or to contact you with offers, updates and appointment remiders.
We may share this information with organisations and individuals approved by us.
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
(a) Your consent. You are able to remove your consent at any time. You can do this by contacting email@example.com
(b) We have a contractual obligation.
(c) We have a vital interest.
(d) We have a legitimate interest.
HOW DO WE STORE YOUR PERSONAL INFORMATION?
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
We keep contact details, consultation and treatment information for no longer than 3 years after you have been an active customer. We will then dispose your information.
WHAT ARE YOUR DATA PROTECTION RIGHTS?
Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at firstname.lastname@example.org if you wish to make a request.
HOW DO YOU COMPLAIN?
If you have any concerns about our use of your personal information, in the first instance you can complain to us at email@example.com or call on 07555397013
If you are not happy with our response you can also complain to the ICO.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk