Privacy Policy
1 IMPORTANT NOTICE
- a) This is the Privacy Notice of Salon C Stellar which is the trading name of Salon Circumstellar Ltd. (company number 13487747) whose registered office is at 42 Ickwell Road, Northill, Biggleswade, England, SG18 9AB
(“ we”, “us” or “our”) and sets out how we collect and process your personal data. This Privacy Notice also provides certain information that is legally required and lists your rights in relation to your personal data.
- b) This Privacy Notice relates to personal data that identifies “ you” meaning our wonderful customers or individuals who browse our website and other valued individuals outside our organisation with whom we interact. If you are one of our brilliant employees or otherwise engaged in work for us or applying to work for us, you can stop reading as a separate privacy notice applies to you instead.
- c) We refer to this information throughout this Privacy Notice as “personal data” and paragraph 3 explains more about what this includes.
- d) Please have a read of this Privacy Notice to understand how we may use your personal data
- e) This Privacy Notice may vary from time to time so please check it regularly. This original version was published on 1st of November 2022.
2 HOW TO CONTACT US
- a) Data controller and contact details
For the purposes of relevant data protection legislation, we control the personal data you kindly provide to us and as a controller we use the personal data in accordance with this Privacy Notice. It’s all very legal-sounding, but trust us, it’s important and pretty vital that we’re all on the same page.
If you wish to get hold of or correct your personal data held by us or if you need to contact us about our use of your personal data, then please email our Data Privacy Manager on:
By Email: hello@saloncstellar.com
- b) Data Privacy Manager
Our Data Privacy Manager is our founder, Andrea Pfeffer and you can contact her at:
hello@saloncstellar.com
- CATEGORIES OF PERSONAL DATA WE COLLECT
- a) The categories of personal data about you that we may collect are:
- Individual Data. This includes personal data you give us in person, via our website or by telephone, including your personal and contact details you supply when booking an appointment, signing up to our newsletter and contact us to let us know we are doing well (yay!) or to make a complaint (sob) or ask a booking / press / brand collaboration / marketing / shop / recruitment / general enquiry. So things like your first name, middle name, last name, username or similar identifier, title, date of birth and gender, racial or ethnic origin, billing address, delivery address, email address and telephone numbers, family and associate details, and physical or mental health details. Phew! What can we say? We like getting to know our clients.
- Audio and Visual Data. Thisincludes personal data which is gathered using our CCTV, imagery taken during the appointment to record those all important before and after photos or skin scans as well as other recording systems in the form of images or video footage that are taken at the salon. Don’t worry, anything utilised for promotional purposes would always have your approval prior to use. We also collect;
- Account and Profile Data. This includes personal data that relates to your account or profile on our website, such as your username and password, purchases or orders made by you, your interests, preferences, feedback, survey responses and what you had for breakfast (kidding!);
- Advertising and Marketing Data. This includes personal data which relates to your marketing preferences, such as information about your preferences in receiving marketing contact from us and our third parties and your communication preferences as well as your personal interests;
- Sales Data.This includes personal data relating to the transactions you have conducted with us, such as details about payments to and from you, details of the products, services and treatments you have purchased from us.
- Economic and Financial Data. This includes personal data relating to your finances, such as your bank account and payment card details and information which we collect from you – not to snoop but for the purposes of the prevention of fraud;
- Market Research Data. This includes personal data gathered for the purposes of market research, such as price comparison information. It’s the stuff of a marketing executive’s dreams.
- Information Technology Data. This includes personal data relating to your use of our website. Geeky stuff like your internet protocol (IP) address, login data, traffic data, weblogs and other communication data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website; and
- Health Data. This includes personal data gathered for health and safety purposes including any accident report or claim log.
- b) We may also create personal data about you. No, not to be nosy. But say you made a complaint about our services or products by telephone, then we may make a written record of key details of the conversation so that we can take steps to address the complaint.
- c) We also take and use certain aggregated data such as statistical or demographic data for any purpose (“aggregated data”). Get ready for the mother of all explanations. Aggregated data may be derived from your personal data but does not directly or indirectly reveal your identity. For example, we may aggregate your operational data to calculate the percentage of users accessing a specific feature on our website. However, if we re-combine or re-connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Notice.
- d) On top of that, we may take certain special categories of your data (“ special categories of data”), and this Privacy Notice specifically sets out how we may process these types of personal data. The special categories of data are: (i) data concerning health.
- e) Rest assured, we do not collect information about criminal convictions and offences. So your secret is safe! (too far?)
4 THE SOURCES FROM WHICH WE OBTAIN YOUR PERSONAL DATA
We get your personal data from the following sources:
(a) You! Either in person (at our salon or otherwise), via our website or by telephone. This could include personal data which you provide when you:
- purchase our products or services;
· create an account on our website; - complete a client intake or treatment form;
· complete a waiver form;
· subscribe to our newsletter;
· ask for information on our services or products or for other marketing to be sent to you;
· enter into a competition or promotion;
· complete a survey from us or give us feedback; and
· when you visit our salon;
(b) Automated technologies. So, things like CCTV or other recording systems, cookies, server logs and other similar technologies. We may automatically collect Information technology data about your equipment, browsing actions and patterns by using cookies, server logs and other similar technologies. [We may also receive information technology data about you if you visit other websites employing our cookies.] Please see our cookie policy for more details. Audio and visual data may be collected on you if you attend any of our salon for security purposes. All this in the name of providing the best service for you and your skin, according to your day to day habits.
(c) Third parties, such as:
- analytics providers (such as Google Analytics);
- advertising networks (such as Google and Facebook based
[inside]/[outside] the EU); - search information providers (such as Google);
- providers of technical, payment and delivery services (such as GlobalPayments, Stripe, Shopify Plus);
- Refer a Friend Providers (such as Mention Me) ;
(d) Publicly available sources, such as Companies House.
5 HOW WE USE YOUR PERSONAL DATA & OUR BASIS FOR USING IT
- a) We may rely on one or more of the following legal bases when processing your personal data. We have set out below the reasons for why we may process your personal data:
|
|
|
|
|
To register you as a new customer. |
|
The processing is necessary |
|
So that we can follow through with our contractual obligations to you. This would include; processing and delivering any order placed by you or orders placed by us where you are a supplier making or receiving payments, fees and charges and collecting and recovering money owed. |
|
The processing is necessary. |
|
So that we comply with our own legal obligations, e.g. health and safety legislation, or to assist in an investigation (e.g. from the Police). |
|
The processing is necessary for us to comply with the law. |
|
So that we can use your personal data in life or death situations and there is no time to gain your consent (e.g. in the event of an accident and we have to give your personal details to medical personnel). |
|
The processing is necessary in order to protect the vital interests of an individual. |
|
So that we can maintain our relationship with you
· to send you any information you have requested; |
|
The processing is necessary: |
|
So that we can administer and protect our business, deal with any misuse of our website and to comply with our security policies. |
|
The processing is necessary: |
|
So that we can make suggestions and recommendations to you about goods or services that you may be excited about, deliver relevant website content and advertisements to you and to measure or understand the effectiveness of our advertising. |
|
The processing is necessary for our legitimate interests (to study how customers use our products/services, to develop our products and services and ensure our marketing is relevant to you, to grow our business and to inform our marketing strategy. |
|
For internal purposes to use data analytics, to identify usage trends, determine and measure the effectiveness of promotional campaigns and advertising and to improve our website, relationships and experiences. |
|
The processing is necessary for our legitimate interests in defining types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy |
|
To communicate with you about, and get your participation in, special events, programs, promotions, any prize draws or competitions; |
|
The processing is necessary: |
|
To sell, make ready for sale or dispose of our business in whole or in part including to any potential buyer or their advisers. |
|
The processing is necessary for our legitimate interests in the sale or disposal of our business or assets. |
|
So that we can enforce or apply our terms of use, terms and conditions of supply and other agreements with third parties. |
|
The processing is necessary for our legitimate interests in protecting our business and property and recovering debts owed to us. |
|
For recruitment purposes where you have sent us your CV or a job application. We may keep your details on file for a while for future reference incase a suitable position subsequently becomes available and we may send you information about job opportunities. |
|
The processing is necessary for our legitimate interests in recruiting for our business. |
In addition, we may lawfully process special categories of data in certain ways. We set these out below along with the linked purposes for which we can process these special categories of data:
|
REASONS FOR WHY WE PROCESS YOUR PERSONAL DATA |
CATEGORIES OF PERSONAL DATA |
WHY WE ARE ALLOWED TO DO (ACCORDING TO THE LAW) |
|
So that we can use our knowledge of any health-related personal data you disclose to us in the event of illness or injury or some other related emergency. |
Health Data |
The processing is necessary in order to protect the vital interests of you or another individual where you or the individual is physically or legally incapable of giving consent. |
|
So that we can use information about your health in providing our goods and services to you, where you have published in a public forum that you are suffering from a particular health condition like telling us at a class that you suffer from a medical condition. |
Health Data |
The processing relates to personal data which are manifestly made public by you. |
|
So that we can disclose any Special Categories of Data we hold on you, where to do so is in the substantial public interest, as long as when we do so we provide suitable measures to protect your rights. |
The processing is necessary for reasons of substantial public interest, on the basis of applicable law and it is: |
|
|
So that we can protect against the threat of an epidemic. |
The processing is necessary for |
|
- b) We don’t need your consent if we process your data under one or more of the other legal bases set out above. Very rarely, we may approach you for your written consent to allow us to process certain data. But it is not a condition of your contract with us that you agree to any request for consent from us. We would just really appreciate it.
6 WHO RECEIVES THE PERSONAL DATA YOU PROVIDE TO US
We may disclose the personal data you provide to us to:
- our group companies and affiliates or third-party data processors who may process data on our behalf to help us to carry out our usual business practices. Disclosures like this will only be so that we can process your personal data for the purposes set out in this Privacy Notice;
· HMRC, legal and other regulatory authorities, including those who request your personal data or to report any potential or actual breach of applicable law or regulation;
· external professional advisers such as accountants, auditors, bankers, insurers and lawyers; (clever people like that)
· law enforcement agencies, courts or other relevant party, to the extent necessary for the establishment, exercise or defence of legal rights;
· third parties where necessary for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties;
· third parties which are considering or have decided to acquire some or all of our assets or shares (including in the event of a reorganisation, dissolution or liquidation);
· third parties operating plugins or content (such as Facebook, Twitter, Instagram) on our website which you choose to interact with
7 INTERNATIONAL TRANSFERS OF PERSONAL DATA
We do not process or transfer personal data we collect from you outside the European Economic Area.
8 HOW LONG WE WILL STORE YOUR PERSONAL DATA FOR
We keep the length of time that we hold your personal data for under review. These reviews take place annually.
9 CONTRACTUAL OR STATUTORY REQUIREMENTS ON YOU TO PROVIDE PERSONAL DATA
- a) In certain circumstances providing your own personal data is a requirement:
to comply with the law or a contract; or
· necessary to enter into a contract. - b) It is your choice as to whether you provide us with your personal data necessary to enter into a contract or as part of a contractual requirement. If you do not provide your personal data then the consequences of failing to provide your personal data are that we may not be able to perform to the level you expect under our contract with you. An example of this would be where we are unable to provide you with certain products or services as you have not provided certain health data to us that we might need for health and safety purposes. We ask you to be open about your medical history so that you and your skin can get the best experience possible at the salon.
10 YOUR RIGHTS IN RELATION TO YOUR PERSONAL DATA
- a) Subject to applicable law including relevant data protection laws, in addition to your ability to withdraw any consent you have given to our processing your personal data (see paragraph 4b), you may have a number of rights in connection with the processing of your personal data, including:
- the right to request access to your personal data that we process or control;
· the right to request rectification of any inaccuracies in your personal data or, taking into account the purposes of our processing, to request that incomplete data is completed;
· the right to request, on legitimate grounds as specified in law:
– erasure of your personal data that we process or control; or
– restriction of processing of your personal data that we process or control;
- the right to object, on legitimate grounds as specified in law, to the processing of your personal data;
· the right to receive your personal data in a structured, commonly used and machine-readable format and to have your personal data transferred to another controller, to the extent applicable in law; and
· the right to lodge complaints regarding the processing of your personal data with the Information Commissioner’s Office or other relevant supervisory body. Please see https://ico.org.uk/concerns/for how to do this.
If you would like to use any of the rights from the above list, please contact us using the contact details set out in paragraph 2. We’re always happy to hear from you.
11 LINKS TO OTHER WEBSITES
Just so you know, this policy only applies to us. If you link to another website from our website, you should remember to read and understand that website’s privacy policy as well. We are not responsible for any use of your personal data that is made by unconnected third party websites.
12 COOKIES
Salon C Stellar use cookies in order to create an enjoyable and easy online experience for you. By using our website you are agreeing that we can house cookies on your device.
What are Cookies?
They’re mentioned in that notification that comes up everytime you click onto a new website and are unfortunately completely unrelated to sugar. Cookies are small text files we put in your browser to track usage of our site but they don’t tell us who you are
Can I delete or control my Cookies?
If you wish to delete any cookies that are already on your computer or device please refer to instructions for your file management software to locate the file or directory that stores cookies.
Please note that by deleting our cookies or disabling further cookies you may not be able to book or shop the online store as the session cookies retain your basket information. Our cookies are the good kind that help to get orders placed and appointments booked.
Where can I find out more?
For more information about controlling or deleting cookies visit www.aboutcookies.org.
If you have any concerns or queries about your personal information or any questions on our use of the information, please email hello@saloncstellar.com and we will be happy to help. Whatever the problem, we can sort it out together!