© Copyright 2020 Hearting - All Rights Reserved            Contact: +44 7729 466 501, info@heartingbeauty.com

Our Policy for Protecting Your Online Privacy

The following privacy notice outlines how I, Rita Hering collects, use, protect and transfer your personal data.
The data protection officer/data owner for the business is me, Rita Hering. You can contact the data protecion collection officer/data owner via email:

info@heartingbeauty.com

or writing to
Rita Hering

Sunkissed Tanning Hair Beauty Salon
2 The Parade, Hangleton Rd
Hove
BN3 7LU

The personal data that I collects is:
• Name
• Date of birth
• Home address
• Email address
• Phone number
• Health information

I take your privacy seriously and will never sell your personal data to any third party. Sharing of your data and direct marketing activities are only carried out with your express consent, which you are free to withdraw at any time.
I need to obtain and process your personal data to provide you with my services and treatments and to fulfil my business and legal obligations. I will never collect any personal information from you that I do not need or retain any dara that is no longer necessary for the purposes specified in this notice.

Where I request sensitive personal data from you (i.e. health or medical data), the reason(s) for the request will be clearly given along with the purposes of the processing. Explicit consent through a signature will always be required for me to obtain and process your health information.

I am the data collector and processer of your personal information for purposes laid out in this privacy notice. Adobe Fill and Sign acts as data processor on behalf of me and has access to personal information only in cases that customer support or troubleshooting is required by me, they must process the personal information in accordance with this Privacy Notice and as permitted by applicable data protection laws.

Your personal data is processed to:
• Collect specific personal data (name, address, email, contact number,DOB) that is required to enter into a contact to sell a service or product.
• Engage in communication with you including confirmation and reminders of appointments, and request to cancel or change bookings.
• Collect Health Information to perform the agreed services appropriately, and potentially highlight areas that services and products may cause issues clients because of their health.
• Ensure a safe service and provide industry standard advice.
• Select relevant offers, promotions and information for you.
• Estimate the number of customers I have.
• Hold personal data that is required by law or to respond to legal process.
• Hold for insurance purposes.
• Store customer record.

You hold particular rights over your personal data held by me. Where you have provided consent for me to contact you as part of my marketing services, you have the right to modify or withdraw your consent at any time by using the unsubscribe option accompanied with all of my direct marketing or by contacting me.

You also have the right:
• To be informed of how your personal data will be used before it is collected.
• To have personal data corrected if it is incomplete, inaccurate or out-of-date.
• To request the removal or deletion of personal data where there is no compelling reason for its continued processing.
• To restrict processing, to block processing of your personal data.
• To data probability, having your data moved, copied or transferred from me to another organisation in an easier readable format.
• To object to direct marketing from me.

Health questions are asked in many of our consent forms to potentially highlight treatments that may have a negative effect on your health due to a medication you have. I ask for consent before gathering and processing this information. At any time after giving consent, you can withdraw your consent, subject to legal, insurance and contractual restrictions (see more on „Your rights as an individual”). Your privacy is very important to me and I only use this information for determining your suitability for the treatment.

Your personal data is collected when you provide it to me through our website’s booking system, over phone, by email, in writing, social media or any other means by which you provide it to me. Information is stored using Adobe Fill and Sign platform as well as some level of paper record keeping.

Your personal data is shared only with Adobe Fill and Sign representatives in case that customer support and troubleshooting is required for the business. I do not share your personal information with any third party without your prior consent, other than those already disclosed in this privacy notice or as part of our legal obligations under the relevant data protection laws.

Data processors are third parties who provide some elements of my business services for you. Where I use a third party, I have strict agreements in place governing the processing for your personal data, on which no action can be taken without instruction from us. The third-parties with whom I work will never share or disclose your personal information and I hold it securely at all times.

I use software provided by XY to manage the salon for appointment scheduling, MRC and marketing.
I retain your personal data for as long as necessary to provide you with my service as my client. I am required under tax low to keep your personal data for minimum 7 years.
Health and Safety records will be retained for 10 years and where I have your consent for marketing purposes, I will retain the minimum required data until you notify me that you no longer wish to receive such information.

The criteria which I would continue to process your personal information includes:
• Where there is a legal basis, obligation or legitimate interest to continuing processing your personal information.
• Where processing is necessary for the establishment, exercise or defence of legal claims.

When your personal data is processed, all of it stored in Adobe Fill and Sign.
In the event that you want to purchase a service or products from me, certain personal information is required to enter into the contact with you.I will not be able to enter into contact with you to fulfil an attempt to purchase a service or product if you do not provide your personal information.

As noted in the privacy statement, I am processing your personal data to comply with legal and statutory obligations and in the performance of a contract. You can always chose not to provide personal information, however,I will not be able to provide certain products and service in these instances.

Appropriate measures taken to protect your personal data from access from unauthorised persons or inappropriate access, internal or external. Your connection to my booking system uses a HTTP Secure communication protocol and TLS security. This means that all information passed to the booking system is encrypted during data input and transfer to the cloud.
In the occurrence that you want to make a complaint about how your personal data was gathered, how it is being processed by me, or third partied used by me or you are not satisfied about how a complaint has been handled, you retain the right to lodge a complaint directly with me.

Rita Hering