LeSalon Beauty Ltd (“LeSalon”, “we”, “our” or “us”) is a company incorporated in England and Wales with company number 09084899 and having its registered office at LeSalon Beauty Ltd of 9th Floor 107, Cheapside, London, England, EC2V 6DN. We are a “data controller” for the purposes of the Data Protection Act 1998 and the EU General Data Protection Regulations (GDPR) (i.e. we are responsible for, and control the processing of, your personal information). Controller, Data Subject, Processor and processing shall have the respective meanings given to them in applicable Data Protection Laws from time to time (and related expressions, including process, processing, processed, and processes shall be construed accordingly) and international organisations shall have the respective meanings given to them in the GDPR.
LeSalon Beauty Ltd takes the privacy and security of your personal data very seriously. We only capture information from you that we need to deliver our services effectively and to keep in contact with you on the basis necessary to fulfil our obligation or as agreed between us. We will only use your personal data for any purpose that is necessary to fulfil our commitments to you, or comply with regulation or to fulfil an activity that you have consented to participate in.
- What information do we collect about you?
- How we will use the information about you?
- Disclosure of personal data
- Access/Your rights/How to contact us or unsubscribe
- Personal data/retention
- Access/Your rights/How to contact us or unsubscribe
- Your rights /How to contact us or unsubscribe
We will at all times seek to comply with the requirements of the UK Data Protection Act, 1998 (the “Act”) and the EU General Data Protection Regulation (GDPR) in respect of all data that we collect from you. We also commit to adhering to any applicable laws and regulations to ensure that your personal information given to us is kept appropriately secure and is processed lawfully.
The term “Personal Data” refers to personally identifiable information about you, such as your name, job description, health related data, treatment history, birthday, e-mail address or mailing address.
What information do we collect about you?
We may collect and process the following data about you:
- Information that you provide by filling in forms when using the Website or through the Apps or through other means, registering to use the Website and/or the Apps, subscribing to our services, posting material or requesting further services. We may also ask you for information when you report a problem with the Website and or the Apps;
- If you contact us we may keep a record of that correspondence;
- Details of your visits to the Website or the Apps including, but not limited to, amounts paid, traffic data, location data, practitioner data and other communication data and the resources that you access;
- Device information: Each time you use our Website or our Apps we may also collect information about your device. This may include information on the type of mobile device that you are using and its unique device identifier (for example, the IMEI number, the device’s mobile phone number, the MAC address of the device’s wireless network interface or push ID), the mobile operating system that you are using and mobile network information.
- Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from the Website or our App(s) (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
- Information we receive from other sources. Client Consultation Forms – Prior to your receiving the treatment you have booked (“the Treatment”) you may be asked to complete a consultation form either by the beauty therapist (“Salonette”) or via electronic communication in which you will be asked for details of any medical conditions. We will store these on behalf of the Salonette.
- Salonette Notes – The Salonette may make notes during the Treatment. These notes will record information that you give the Salonette and the Salonette’s observations, e.g. whether there are any pets at the premises, your colour preferences and whether you experienced any discomfort during the Treatment. If any of this information include details of your physical or mental health you will be asked for your explicit consent. We will store these notes and may make them available to other Salonettes that you choose to book through LeSalon.
- We work closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers and search information providers) and may receive information about you from them.
- In addition to the information we collect as described above, we use technology to collect anonymous information about the use of the Website. For example, our web server automatically logs which pages of our Website our visitors view, their IP addresses and which web browsers our visitors use. This technology does not identify you personally, it simply enables us to compile statistics about our visitors and their use of our website.
How we use the information about you.
We will use your Personal Data only with the intent to deliver the services you request and to understand you better and enhance your experience with LeSalon. By analysing and monitoring your personal data we can be more relevant with our marketing and communication. We will use your Personal Data to fulfil your requests and we will ask only for data that is adequate, relevant and not excessive for those purposes. Where we send you information for any purpose, it may be sent by e-mail, phone, SMS, push notifications or via the Website or our Apps or post. When we ask you for Personal Data it may include the following purposes:
- We may contact you occasionally to inform you of new products and services we will be providing;
- We may send you regular updates on issues we think will be of interest to you;
- We may send you requested information on our products and services;
- To improve our services;
- We may use your Personal Data for marketing purposes and market research;
- To measure or understand the effectiveness of our advertising to you and others and to deliver relevant advertising to you;
- To remind you of your appointments; and
- We may use your Personal Data internally for administration and internal operations, including troubleshooting, data analysis, data security, testing, research, statistical and survey purposes.
LeSalon complies with the e-Privacy Directive 2002. We would like to send you information by email or post about products, services, competitions, sales and special offers which may be of interest to you. There are several ways you can consent to our marketing: you can give consent by ticking the boxes on our registration forms or by contacting our Customer Services team by email at email@example.com.
If you have consented to marketing communication, by opting in, we will send you marketing messages until you specify otherwise by contacting our customer care team by email at firstname.lastname@example.org.
You can opt out at any time and from specific methods of marketing. Please see the ‘How do I unsubscribe from communication?’ section below. Alternatively, you can email email@example.com.
Disclosure of personal data
- With Salonettes to enable them to provide the treatments effectively and to effectively manage customer relations.
- With companies that provide LeSalon with the support services including analytics, CRM and search engine providers that assist us in the improvement and optimisation of our Website and our App.
- In order to provide you with the information or products which you have requested, Personal Data may occasionally be transferred or shared with other companies within our group of companies or third parties who act for us for further processing in accordance with the purposes for which the data was originally collected or for purposes to which you have subsequently consented. For example, sometimes a third party may have access to your Personal Data in order to support our information technology or to handle mailings on our behalf.
- We will keep your contact details on our database and may, from time to time, e-mail or post you information to make you aware of our other similar products and services which may be of interest to you. If you do not wish to receive e-mails or post from us for these purposes, please let us know by following the “unsubscribe” procedure set out in the email or email us on firstname.lastname@example.org.
- We may share, transfer or disclose the information in our databases and server logs to comply with a legal requirement, for the administration of justice, interacting with anti-fraud databases, to protect your vital interests, to protect the security or integrity of our databases or this website, to take precautions against legal liability, or in the event of our sale, merger, reorganisation, dissolution or similar event. We will inform you of any such transfer or disclosure as required by law.
- Where appropriate, before disclosing Personal Data to a third party, we contractually require the third party to take adequate precautions to protect that data and to comply with applicable law.
- Where you have chosen to connect your LeSalon account to your Facebook account we may share, disclose, and transfer Personal Data to Facebook. This permission will be requested when you connect your accounts. If you have given this permission you may then disable this function at any time by changing your Facebook or LeSalon account settings
- In certain circumstances we may disclose personal information relating to you to third parties in order to conform to any requirements of law, to comply with any legal process, for the purposes of obtaining legal advice, for the purposes of credit risk reduction, to prevent and detect fraud and/or to protect and defend the rights and property of LeSalon.
- Payments on our Website are made through our payment solutions providers. You will be providing credit or debit card information direct to our providers who process payment details in a secure manner.
- In the event that we or a part of our business undergo re-organisation or are sold to a third party, any personal information we hold about you may be transferred and/or disclosed to that re-organised entity or third party.
- In each case, we will only provide these companies with the information which they need to carry out their services. They will not be permitted to use the information for other purposes and will be bound by the same duty of care regarding data privacy. They will only be allowed to use your information in the way in which we instruct them and as permitted by the Data Protection Act or the GDPR.
We will only keep your information as long as you have an account with us and for 5 years after your last purchase or otherwise as required for our business operations records or by law. This information will be kept secure at all times and only used for the legitimate purpose for which we require it or that you have consented to. After the stated period of time expires, we will anonymise all of your personal data, however some order information will be stored as an unknown customer.
- In order to collect the anonymous data described above, we may use temporary “cookies” that remain in the cookies file of your browser until the browser is closed. Cookies by themselves cannot be used to discover the identity of the user. A cookie is a small piece of information which is sent to your browser and stored on your computer’s hard drive. Cookies do not damage your computer. You can set your browser to notify you when you receive a cookie.
- This enables you to decide if you want to accept it or not. We also use your IP address to help diagnose problems with our server and to administer our website. An IP address is a numeric code that identifies your computer on a network, or in this case, the Internet. Your IP address is also used to gather broad demographic information. We may also perform IP lookups to determine which domain you are coming from (i.e.: aol.com, yourcompany.com) to more accurately gauge our users’ demographics.
Although we use secure technology to protect your personal data when we have received it, we cannot guarantee the security of your data whilst being submitted to us and any transmission is at your own risk. We use industry security features to prevent unauthorised access wherever possible. Personal information provided to LeSalon via our Website and online credit card transactions is transmitted through a secure server using Secure Socket Layering (SSL), encryption technology. When the letters “http” in the URL change to “https,” the “s” indicates you are in a secure area employing SSL; also, your browser may give you a pop-up message that you are about to enter a secure area or display a padlock image.
Our Website uses this encryption technology to protect your information during data transport. SSL encrypts ordering information such as your name, address and credit card number. Our Customer Care team and stores also operate over a private, secure network. Please note that e-mail and correspondence via our live chat service is not encrypted and is not considered to be a secure means of transmitting personal data and credit card information.
LeSalon shall at all times maintain appropriate physical, electronic, managerial and organisational measures to safeguard and secure Personal Data against accidental, unauthorised or unlawful loss, unauthorised modification, disclosure or access that is determined to be appropriate to the risk. All our employees and data processors who have access to, and are associated with the processing of personal information, are obliged to respect the confidentiality of the personal information of all users of our services.
Personal Data stored about you is held securely with appropriate measures in place to reduce the risk of a malicious attempt to access or misuse your data. We will delete your data when we have no further legitimate use for it in line with our storage policy.
Access/Your rights/How to contact us or unsubscribe
Upon receipt of your written request and enough information to permit us to identify your Personal Data, we will disclose to you the Personal Data we hold about you, for which we may make a charge up to the maximum as allowed by applicable law. We will also correct, amend or delete any Personal Data that is inaccurate and notify any third party recipients of the necessary changes. You may update any information you have given to us by contacting us at the addresses given below.
You have the following rights in respect of the information we hold about you:
- The right to request a copy of your information which we hold. If you would like a copy of some or all of it please:
- Email email@example.com
- Let us know what information you want
- We may ask you for personal information to verify your identity
- The right to correct any mistakes in your information. If you would like us to do this please:
- Email firstname.lastname@example.org
- Let us have information to identify you (e.g. email address)
- Let us know what information is incorrect and what it should be replaced with
- In certain circumstances, the right to delete your information. If you would like us to do this please email email@example.com.
- In certain circumstances, the right to restrict the processing of your information. If you would like us to do this or would like more information please email firstname.lastname@example.org.
- In specific circumstances, the right to object to certain types of processing. If you would like us to do this or you would like more information please email email@example.com.
- The right to change your preferences and communication at any time. If you would like us to do this or would like more information please email firstname.lastname@example.org.
It may take up to eight weeks to ensure your request to invoke any of your rights is fully actioned. LeSalon reserves the right to charge a reasonable administration fee to cover the cost of fulfilling a request to exercise any of these rights. Any fee applicable to the performance of an action will be advised to you at the point of making a request.
You can opt out of marketing communication such as email newsletters and catalogues at any time. You can do that either as indicated in the particular communication, e.g. by using the unsubscribe link which is included on all email updates.
If you choose to opt out of marketing emails, this can take up to one week for the change to flow through our systems. Even if you have opted out of emails we will continue to send you transactional emails about your purchases.