Protecting your privacy
The type of personal information we collect
We currently collect and process the following information:
- Personal identifiers, contacts and characteristics (for example, name and contact details)
- Purchase history (for example, products, treatments and gift vouchers)
- Medical history (for example, historical and current medicine, conditions and previous surgery)
- Appointment history (for example, areas treated, equipment settings, techniques and pressures)
- Lifestyle information (for example, exercise, sporting interests, nutritional and recent or planned sun exposure)
How we get the personal information and why we have it
Most of the personal information we process is provided to us directly by you for one of the following reasons:
- To provide you personalised treatments, products and advice
- To provide treatments, products and advice that are suitable for you
- To provide treatments, products and advice that are safe for you
- To contact you regarding your treatment (for example, appointment reminders, requests to review us)
- To send you marketing related information (for example, offers, news and updates)
We use the information that you have given us in order to give the best possible and safest treatment, experience and advice we can.
We may share this information with treatment specialists that perform treatments and offer advice at Manor Beauty. These include but not limited to: injectables’ doctor or nurse, nutritional therapist, semi-permanent makeup specialist, lash and brow specialist.
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
- Your consent. You are able to remove your consent at any time. You can do this by contacting email@example.com
- We have a contractual obligations.
- We have a legal obligations.
- We have a vital interest.
How we store your personal information
Your information is securely stored on our computer system managed by Phorest Salon Software and/or lockable filing cabinet within the office located at the clinic.
We keep client records for 10 years from last appointment. We will then dispose your information by secure shredding of paper records and secure deletion of computer records.
Your data protection rights
Under data protection law, you have rights including:
- Your right of access – You have the right to ask us for copies of your personal information.
- Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
- Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
- Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us by emailing firstname.lastname@example.org
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk