Who we are
Misho Hair Salon offers hair related products and services. We need to collect, use and disclose personal information in order to perform our business functions and activities, including making and managing appointments. We are firmly committed to protecting the privacy and confidentiality of personal information and to maintaining various physical, electronic and procedural safeguards to protect personal information in our care.
This Notice will explain what information we collect about you and how we use it.
The information we collect and how
We collect information about you when you book an appointment for a service or treatment, visit the salon or barbershop for a service or treatment, buy a product or apply for a job, whether contact is online, on paper, by email or over the phone.
The information you give us may include your name, address, email address, phone number, relevant history which may suggest that a service or treatment should not go ahead or certain products should not be used (eg allergies, pregnancy, skin conditions), payment and transaction information, IP address and CVs.
We operate CCTV across the premises for the safety and security of our clients and staff as well as a deterrent for the purpose of criminal activity.
For clients under the age of 16, we will only keep and use their personal information with the consent of a parent, carer or guardian.
We will be a “data controller” for the purposes of the General Data Protection Regulation 2016/679 (“GDPR”) for any personal information you provide to us in connection with our relationship.
HOW INFORMATION ABOUT YOU WILL BE USED
In law, we are allowed to use personal information, including sharing it outside the salon, only if we have a proper reason to do so, for example:
- To fulfil a contract with you i.e. to provide the service or treatment you have requested and to communicate with you about your appointments
- When it is in our legitimate interest i.e. there is a business or commercial reason to do so, unless this is outweighed by your rights or interests
- When you consent to it: we will always ask for your consent to hold and use health and medical information.
We will therefore share your information with:
- Providers of our salon IT systems: Phorest Software
- Providers of our Booking App, Misho Hair Studio by Ndevor Systems Ltd
- Suppliers of our website: Luminata
We have rigorous data protection and security policies in place with all our suppliers.
We will not share your information with any other third party without your consent except to help prevent fraud, or if required to do so by law.
We would like to send you information about products and services which may be of interest to you. We will ask for your consent to receive marketing information.
If you have consented to receiving marketing, you may opt out at a later date.
You have the right at any time to stop us from contacting you for marketing purposes or giving your information to third party suppliers of products or services. If you no longer wish to be contacted for marketing purposes, please contact us.
The information we collect about employees, the purposes it is used for and who it will be shared with is set out in our employment contracts and employee handbook.
HOW LONG YOUR INFORMATION WILL BE KEPT FOR
Unless you request otherwise, we will keep your information to contact you no more than 5 times per year for a maximum of 1 year from your last visit to the salon.
After a year we will archive all your personal information, except for your name, relevant client history (eg allergy test records which we keep for 4 years) and financial transactions (which we are obliged to keep for 6 years).
Information about unsuccessful job applicants will be deleted after four months.
CCTV images are automatically deleted after 30 days.
WHERE YOUR INFORMATION IS KEPT
Your information is securely stored within the European Economic Area on secure servers provided by Phorest Software /Ndevor Systems Ltd. Any payment transactions are encrypted. Sending information via the internet is not completely secure, although we will do our best to protect your information and prevent unauthorised access.
CCTV images are held securely on site.
ACCESS TO YOUR INFORMATION AND CORRECTION
You have the right to request a copy of the personal information that we hold about you. This will normally be free, unless we consider the request to be unfounded or excessive, in which case we may charge a fee to cover our administration costs.
If you would like a copy of some or all of your personal information, please contact Misho Dimitrov by emailing email@example.com.
We want to make sure that your personal information is accurate and up-to-date. You may ask us to correct or remove information you think is inaccurate.
You have the right to ask us to object to our use of your personal information, or to ask us to delete, remove or stop using your personal information if there is no need for us to keep it.
Our website includes links to other websites. This privacy notice only applies to this website so when you link to other websites you should read their own privacy notices.
CHANGES TO OUR PRIVACY NOTICE
We keep our privacy notice under regular review and we will place any updates on this webpage or on the printed copy. This privacy notice was last updated on 22nd May 2018.
HOW TO CONTACT US
Please contact us if you have any questions about our privacy notice or information we hold about you:
- By email firstname.lastname@example.org.
- Or write to us at Misho Hair Studio, The Vine Yard, High Street, Stockbridge, Hampshire, SO20 6HF
You also have the right to complain to the Information Commissioner’s Office. Find out on their website how to report a concern: www.ico.org.uk/concerns/handling
You may contact us at email@example.com to:
- Request information we have stored about you;
- Request we remove all identifying information about you; or
- Make a complaint.