personal information in connection with your relationship with us as a client or potential client including;
- When visiting the salon
- By contacting email@example.com
Information we collect
By ‘information,’ we mean personal information about you that we collect, use, share, store and transfer in
physical and electronic form. This information can be grouped together in the following categories:
- Identity and Contact Information includes first name, last name, title, birthday, email address, telephone number, delivery address, billing address or any other information you provide.
- We will also need information about your age and health in order for a treatment to go ahead.
How we collect information about you
You may give us your information by filling in forms at the salon. This includes information you provide when you:
How we use your information
We use your information in the following ways:
- Identity & Contact Information
- To provide beauty treatments and/or beauty advice
- To send you service messages by email, SMS or otherwise, such as order updates
- For security and to check your identity
- To provide you with marketing (where we have the right to do so – see marketing section below)
- To communicate with you
- To take payment, and give refunds
- For fraud prevention and detection
- To find out what you, and other customers, like
- To make suggestions and recommendations to you about goods or services that may be of interest to you
- To complete brand specific consultations
- To provide beauty treatments and/or beauty advice
Marketing and Communications Information
- To send you information by email, SMS, post, other otherwise, about our products and services
- To provide customer care and support
- To train our staff
Legal basis for processing
Our processing of your personal information is necessary:
- For the performance of contracts to which you will be a party to and in order to take steps at your request prior to you entering into those contracts;
- For the purposes of legitimate interests pursued by us; or
- In order to comply with a legal obligation to which we are subject.
In relation to any processing of special categories of personal information such as information about your health, we will generally rely on obtaining specific consent from you at the time unless there is otherwise a legal requirement for us to process such information.
Where our processing is based on the legitimate interest grounds described above, those legitimate interests are:
(i) collecting personal information to provide you with a smooth and efficient customer experience; (ii) running our business;
(iii) to provide the products and services you have requested;
(iv) to prevent fraud; and
(v) for our own marketing, research and product development.
Will we share your information with third parties?
- Your product and treatment preferences with specific brands
We may also share your personal information with:
- Law enforcement agencies, other governmental agencies or third parties if we are required by law to do so; and
- Other business entities should we plan to merge with or be acquired by that business entity, or if we undergo a re-organisation with that entity.
We may provide third parties with aggregated but anonymised information and analytics about our customers and, before we do so, we will make sure that it does not identify you.
At any time, you have the right:
- To request access to or a copy of any information which we hold about you;
- To rectification of your information, if you consider that it is inaccurate;
- To ask us to delete your information, if you consider that we do not have the right to hold it;
- To withdraw consent to our processing of your information (to the extent such processing is based on previously obtained consent);
- To ask us to stop or start sending you marketing messages as described below in the marketing section.
- To restrict processing of your information;
- To data portability (moving some of your information elsewhere) in certain circumstances;
- To object to your information being processed in certain circumstances; and
- To not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your information.
Any request for access to or a copy of your information must be in writing and we will endeavour to respond within a reasonable period and in any event within one month in compliance with data protection legislation. We will comply with our legal obligations as regards your rights as a data subject.
We aim to ensure that the information we hold about you is accurate at all times. To assist us in ensuring that your information is up to date, do let us know if any of your personal details change. You can access, update or correct your personal account details via the My Account section of the Site.
Data Subject Access Requests
We would gladly assist in any data subject access requests free of charge. Data subject access requests must be made in writing and we advise emailing firstname.lastname@example.org to ensure action is promptly taken. Please include the following:
- Full Name
- Email Address
- Details of the specific information you require and any relevant dates
We may ask for further information to identify you and ensure the personal data relates to the individual making the request.
We will respond within one month of receiving the information we require to carry out your request.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or
disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
All information you provide to us is stored on our secure servers. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds.
We may use your information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you. You will receive marketing messages from us if you have requested information from us or purchased goods or
services from us and, in each case, you have not opted out of receiving that marketing. We may also market to you if we have received your express consent to do so.
You can stop receiving marketing messages from us at any time. You can do this:
- By contacting our email@example.com
Once you do this, we will update your profile to ensure that you don’t receive further marketing messages.
Stopping marketing messages will not stop service communications (such as order updates).
We will get your express opt-in consent before we share your personal data with any company outside the Zest Beauty Group for marketing purposes.
How long will we keep your information?
We will keep your information for as long as you have your account, or as long as is needed to be able to provide the services to you, or (in the case of any contact you may have with our Customer Care Team).
If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Terms and Conditions, we may also keep hold of some of your information as required, even after it is no longer needed to provide the services to you.
Where we are permitted to send you direct marketing communications we may retain your contact information necessary for this purpose, (provided that you have consented to receiving them) for as long as you do not unsubscribe from receiving the same from us.
Links to other websites
How to contact us
Questions, comments and requests regarding this policy are welcomed and should be addressed
to firstname.lastname@example.org. You can also send a letter by mail to: Zest Beauty, 4 Bull Close Road, Nottingham NG7 2UL.
If you have any concerns about our use of your information, you also have the right to make a complaint to the data protection regulator in your country. If you are a UK resident, this is the Information Commissioner’s Office, which regulates and supervises the use of personal data in the UK, via their helpline on 0303 123 1113.
Changes to this Policy