Privacy Policy
This Privacy Policy describes how Gloss & Grace ("we", "us", or "our") collects, uses, and protects personal data when you visit or use our online platform, including our site and related services (collectively, "this service").
1. Information We Collect
We collect information you provide directly to us when you use this service. This includes, but is not limited to, information you provide when booking appointments, creating an account, subscribing to newsletters, participating in surveys, or contacting us. The types of personal data we may collect include:
- Contact information such as your name, address, phone number, and email address.
- Booking details and history related to the services you receive (hair styling, manicure & pedicure, skincare treatments, bridal makeup).
- Payment information (processed securely via third-party providers, we do not store full payment card details).
- Preferences and feedback you provide related to our services.
We also automatically collect certain information when you access and use our online platform. This information may include:
- Usage details about your visit, including pages viewed, links clicked, and navigation paths.
- Technical information, such as your IP address, browser type, operating system, device information, and timestamps.
- Information collected through cookies and similar tracking technologies (see Section 7 below).
2. How We Use Your Information
We use the information we collect for various purposes, including:
- To provide and manage the services you request, including booking and appointment management.
- To communicate with you about your bookings, services, updates, and promotions (where you have consented).
- To process payments for services.
- To improve and personalize your experience on our online platform and in our salon.
- To analyse how our service is used and to monitor and analyse trends and usage.
- To ensure the security and integrity of our online platform and business operations.
- To comply with legal obligations and regulatory requirements.
- For marketing purposes, with your explicit consent.
We do not sell your personal data to third parties.
3. Legal Basis for Processing Personal Data (GDPR)
We process your personal data based on the following legal grounds:
- Necessity for the performance of a contract: Processing is necessary to provide the services you have requested or to take steps at your request before entering into a contract.
- Legitimate interests: Processing is necessary for our legitimate interests or those of a third party, provided your fundamental rights do not override these interests (e.g., improving our services, preventing fraud, direct marketing where permitted).
- Consent: We may rely on your freely given, specific, informed, and unambiguous consent for certain processing activities, such as sending marketing communications. You have the right to withdraw your consent at any time.
- Legal obligation: Processing is necessary for compliance with a legal or regulatory obligation that applies to us.
4. Sharing and Disclosure of Your Information
We may share your personal data with third parties in the following circumstances:
- Service Providers: We use third-party service providers to perform functions on our behalf, such as payment processing, booking systems, website hosting, data analysis, and marketing services. These providers are given access to personal data only as needed to perform their functions and are required to protect the data.
- Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).
- Business Transfers: In connection with or during negotiations of any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.
- With Your Consent: We may share your information with third parties when we have your explicit consent to do so.
We do not sell your personal data to third parties.
5. Data Security
We implement appropriate technical and organisational measures designed to protect your personal data from accidental loss, unauthorised access, use, alteration, or disclosure. However, please be aware that no security system is impenetrable, and we cannot guarantee the absolute security of your information transmitted through our online platform.
6. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
7. Your Data Protection Rights (under GDPR)
Depending on your location and applicable law, you may have the following rights regarding your personal data:
- The right to access: You have the right to request copies of your personal data.
- The right to rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
- The right to erasure: You have the right to request that we erase your personal data, under certain conditions.
- The right to restrict processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
- The right to object to processing: You have the right to object to our processing of your personal data, under certain conditions.
- The right to data portability: You have the right to request that we transfer the data that we have collected to another organisation, or directly to you, under certain conditions.
- The right to withdraw consent: Where our processing is based on your consent, you have the right to withdraw that consent at any time.
- The right to complain: You have the right to lodge a complaint with a supervisory authority, such as the Information Commissioner's Office (ICO) in the UK.
To exercise any of these rights, please contact us using the details provided below. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).
8. Cookies and Tracking Technologies
Our online platform uses cookies and similar tracking technologies to enhance your experience, analyse usage, and for marketing purposes. Cookies are small text files placed on your device. You can manage your cookie preferences through your browser settings. Please note that disabling cookies may affect the functionality of our online platform.
9. Links to Other Sites
Our online platform may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
10. Children's Privacy
Our online platform is not intended for use by children under the age of 16. We do not knowingly collect personally identifiable information from children under 16. If we become aware that we have collected personal data from a child under age 16 without verification of parental consent, we take steps to remove that information from our servers.
11. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. We will update the "last updated" date at the top of the Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
12. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Gloss & Grace
47 Fulham Road,
London,
SW3 6HH,
United Kingdom.
Email: " class="text-accent hover:underline">[email protected]