This privacy notice provides you with details of how we collect and process your personal data through your use of our site beauty-by-gemma.com including any information you may provide through our site when you purchase a product or service or sign up to our newsletter.
By providing us with your data, you warrant to us that you are over 16 years of age.
Gemma Hodges of Beauty by Gemma is the data controller is responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).
In short, we only collect information that enables you to do something – purchase a treatment or subscribe to special offers/salon news. We do not sell this information on or use it for any other purpose than the reason you’ve provided it.
Our full details are: Gemma Hodges t/a Beauty by Gemma, 37 Cowling Brow, Chorley PR6 0QE.
If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.
It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at firstname.lastname@example.org.
You are able to opt out of our communications at any time.
What data do we collect?
Personal data means any information capable of identifying an individual. It does not include anonymised data.
We may process certain types of personal data about you as follows:
- Identity Data may include your first name, last name, email address, mobile phone number
- Technical Data may include your login data, internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access this site. (This is generated by WordPress).
- Usage Data may include information about how you use our website, products and services. (E.g visitor stats via WordPress).
- Marketing and Communications Data may include your preferences in receiving marketing communications from us and your communication preferences.
- We may also process Aggregated Data from your personal data but this data does not reveal your identity and as such in itself is not personal data. An example of this is where we review your Usage Data to work out the percentage of website users using a specific feature of our site. If we link the Aggregated Data with your personal data so that you can be identified from it, then it is treated as personal data. (But we don’t do this).
We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.
How we collect your personal data
We collect data about you through a variety of different methods including:
Direct interactions: You may provide data by filling in forms on our site (or otherwise) or by communicating with us by post, phone, email or otherwise, including when you:
order our products or services;
- book a treatment online
- subscribe to our salon news/special offers;
Third parties or publicly available sources: We may receive personal data about you from various third parties and public sources as set out below
Technical Data from the following parties: analytics providers such as Google based outside the EU. Contact, Financial and Transaction Data from providers of technical, payment and delivery services Worldpay based inside the EU.
How we use your personal data
We will only use your personal data when legally permitted. The most common uses of your personal data are:
Where we need to perform the contract between us.
Where we need to comply with a legal or regulatory obligation.
Generally, we do not rely on consent as a legal ground for processing your personal data, other than in relation to sending marketing communications to you via email. You have the right to withdraw consent to marketing at any time by emailing us at email@example.com
Purposes for processing your personal data
Set out below is a description of the ways we intend to use your personal data and the legal grounds on which we will process such data. We have also explained what our legitimate interests are where relevant.
We may process your personal data for more than one lawful ground, depending on the specific purpose for which we are using your data. Please email us at firstname.lastname@example.org if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
- To register you as a new customer
- To manage our relationship
- Marketing and Communications
- Necessary for our legitimate interests to keep our records updated and to study how customers use our products/services
- To administer and protect our business and our site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
- To deliver relevant content and advertisements to you and measure and understand the effectiveness of our advertising
- Necessary for our legitimate interests to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy
- To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
In short, we take the information you provide seriously and only use it for the intended purpose e.g. to receive treatment updates, news and special offers. You are able to opt out of our communications at any time. Do get in touch email@example.com if you have any queries.
First published May 2018