GDPR Client Statement

​

How we collect your data We collect your data online using our booking provider Timely and Consult, further details of all information collected can be found below under the heading 'What personal data we collect and why'. We then store your name, date of birth, email address, treatment history on our password protected online system. Social media - You may contact us via Facebook messenger, Instagram messenger or other networks and we will reply to your message but we DO NOT PAY TO OR USE YOUR PERSONAL DATA FROM SOCIAL MEDIA.

What personal data we collect and why Prior to or when arriving for your appointment at the salon we will ask you to complete a client consultation form. We require the below personal details from you and have given a legal reason why we need these.

1. Your full name - So we can address you in the salon and ensure all communication is with the correct person.

2. Date of birth - So we can wish you a happy birthday, to help us distinguish 2 clients with identical names and also for the emergency services in case of an emergency whilst at the salon.

3. Address - To aid the emergency services in case of an emergency whilst at the salon.

4. Email address & contact number- To send booking confirmations, appointment information and 24 hour reminders as well as email invoices of any services you have received.

5. Medical history including operations, diseases, disorders, medications etc, is crucial to allow us to perform our treatments safely and adhere to the terms of our insurance.

6. Allergies - To ensure nothing we use during a treatment or around you at the salon can cause you harm, irritation or any other complications and to adhere to the terms of our insurance..

7. Medication - Some medication can be a contraindication to treatment or react with products we use. It is essential we know details to protect clients and adhere to our insurance terms.

8. Patch test - This is a skin test we carry out in the salon to test for potential allergic reactions to certain treatments. We keep this on file so all therapists know you are able to have that treatment and in the event of a reaction we know what was used and when.

9. Treatment history - This is so each therapist can see what and how the last therapist carried out a treatment on you to ensure results are consistent amongst all staff.

10. Your Consent - We require you to read and sign a statement that allows us to obtain this information lawfully from you and legally store it in accordance with GDPR.

11. Your consent to use treatments photos - Some of our treatments involve before and after photos on salon devices to aid the client experience and proof of progress/treatment. Sometimes we like to use these on social media and need your permission to do so.

12. Your signature - To prove it was you that was present in the salon and that you answered all of the above to the best of your knowledge and honestly and that you agree toHolistic Rituals holding your data for the above reasons.

How your data is stored? Your data is in electronic form at Holistic Rituals. Data is stored online on a password protected system that only staff have access to.

How long do we hold your personal data for? We will hold your data for up to 7 years to comply with our insurance Terms and Conditions. In order to continue to provide the client with the best service possible we need these records to see exactly what treatments were performed, reactions, likes, dislikes, patch tests, products used etc.

Your right to access or change your mind You have the right to access your personal data that Holistic Rituals holds and the right to rectification if it is incomplete, incorrect or out of date. You also have the right to Data portability if you wish us to transfer some personal data. You also have the right to object to processing and direct marketing. Your data can remain in one place but not used.