We want to ensure that we can continue to provide the same level as service whilst complying with the GDPR legislation.
To enable us to do this, we would ask you to fill out the below form as soon as possible.
If you would not like us to hold any personal data for treatment or appointment purposes then we will delete your client record and all associated personal data. In this circumstance, please inform us as soon as possible by notifying your stylist whilst in the salon or by calling 0141 339 1271. If we delete this data, we cannot call or email you regarding appointments. In addition, we cannot hold any data on patch testing therefore a patch test will be required 48 hours before all on the scalp colour appointments.
Personal Data and GDPR
The General Data Protection Regulation (GDPR) came into effect as of the 25th May 2018. GDPR relates to the use and processing of personal information of EU citizens. Personal data is any information that can be used to directly or indirectly identify a living individual (this includes name, address, email, phone records, online activity, etc.) and does not relate to Businesses.
Hair by Hanlon respect the data we hold and take the security of this data seriously. That is why we want to let you know why and how we collect and store your personal details in accordance with the new GDPR legislation that comes into effect on 25th May 2018.
How we collect your data
We collect your data in several ways at Hair by Hanlon, as detailed below. Further details of all information collected can be found below under the heading 'What personal data we collect and why'.
1. In the salon using a printed form. We then store your name, address, date of birth, email address, treatment history and any medical alerts on our encrypted salon software. The original printed form is destroyed.
2. Verbally – we may ask for your name and telephone number to confirm appointments and to contact you in the event that your appointment needs to be cancelled or rescheduled. In this circumstance, you will not receive marketing information by text.
2. Website Contact Form – We have a contact form on our website for enquiries. We ask for your name, email address and message, you will NOT be added to our mailing list for using this. Emails will be deleted after the enquiry is resolved.
3. Social Media – You may contact us via Facebook messenger or other networks and we will reply to your message but we DO NOT PAY TO USE YOUR PERSONAL DATA FROM SOCIAL MEDIA.
What personal data we collect and why
When arriving for your appointment at the salon we will ask you to complete a client record card. We require the below personal details from you and have given a legal reason why we need these.
1. Your full name – To allow us to address you in the salon and manage our bookings.
2. Date of birth – To help us distinguish between 2 clients with identical names and also to aid the emergency services in case of an emergency at the salon. If you agree to receive marketing information then you may also receive a message offering a discount for your birthday.
3. Address – To aid the emergency services in case of an emergency whilst at the salon.
4. Email address – To send booking confirmations and/or reminders.
5. Phone number – To send booking confirmations and/or reminders.
6. Medical history including results of skin tests – This medical history is crucial to allow us to perform our treatments safely and adhere to the terms of our insurance.
7. Allergies – To ensure nothing we use during a treatment or around the salon can cause you harm, irritation or any other complications and to adhere to the terms of our insurance.
8. Patch testing – This is a skin test we carry out in the salon to test for potential allergic reactions to certain treatments, It needs to be repeated if you have not visited us for a year or more. We keep this on file so all therapists know you are able to have that treatment and in the event of a reaction we know what was used and when.
9. Treatment history – This is so each stylist can see what products and techniques were used in past appointments to ensure results are consistent amongst all staff.
10. Your consent – We require you to read and sign a paragraph that allows us to obtain this information lawfully from you and legally store it in accordance with GDPR.
11. Your contact preferences – If you wish to be on our mailing list you must opt in otherwise we cannot legally send you our newsletters and special offers.
12. Your consent regarding photos – We may take before and after photos on salon devices to aid the client experience and demonstrate proof of progress/ treatment. Sometimes we will use these on social media and need your permission to do so.
How your data is stored
Your data is in digital form at Hair by Hanlon. Paper copies of consultation forms are destroyed after entry into our salon software. Digital information is stored using the Salon Advantage system and data is password protected. Only Hair by Hanlon staff have this password and certain areas are restricted even further to management only.
How long we hold your personal data for
We will hold your data for up to 4 years unless you ask us otherwise. In order to continue to provide the client with the best service possible we need these records to see exactly what treatments were performed, reactions, likes, dislikes, patch tests, products used etc.
We DONOT sell or share your personal data with anyone. No other third party including our accountant has any client personal data.
Your data control officer for Hair by Hanlon is William Hanlon. In the event of a breach of personal data you will be contacted by the above mentioned person within 72 hours of discovery.
You have the right to be forgotten. If at any time you no longer wish to be on Hair by Hanlon’s database that's not a problem, simply call us on 0141 339 1281 and we will ensure all of your data will be deleted from our system.
You have the right to access your personal data that Hair by Hanlon holds and the right to rectification if it is incomplete, incorrect or out of date.
You also have the right to Data Portability if you wish us to transfer some personal data, maybe patch test results if you're moving town to another salon.
You also have the right to object to processing and direct marketing. Your data can remain in one place but not used.