The following privacy notice outlines how Bifolco & Matty (‘we’ or ‘us’ or ‘our’) gathers, processes, and protects your personal data. Bifolco & Matty, 3 Harrow Market,Langley, Slough,Berks is a data controller and processes your personal information for the purposes laid out in this privacy notice.
The data protection officer for Bifolco & Matty can be contacted by sending an email to firstname.lastname@example.org or writing to 3 Harrow Market,Langley, Slough,Berks.
Personal Data Collected
The personal data that we collect is:
- Home Address
- Email Address
- Date of Birth
- Phone Number
- Health Information#
Process of Collection
Your personal data is collected when you provide it to us through Phorest software, our website, over the phone, in the Bifolco & Matty hairdressing salon, by email, social media, in writing or any other means by which you provide it to us. Information is stored using the Phorest software platform.
Bifolco & Matty gives you access to information about your account and bookings through Phorest software, for the limited purpose of viewing and updating that information.
Access to this website is not intended for children and we do not knowingly collect data relating to children.
Purpose and Legal Basis for Processing Your Personal Data
Bifolco & Matty take your privacy seriously and will never sell or rent your personal data to any third-party.
We need to obtain and process your personal data to provide you with our products, services and treatments, to process a payment if you purchase a service or product from us and to fulfil our business and legal obligations. We will never collect any personal information from you that we do not need or retain any data that is no longer necessary for the purposes specified in this notice. Your information can be also be processed as required by law or to respond to legal process.
Your personal data is collected and processed for the following purposes:
- To perform our contract with you when making purchases.
- To send you service based messages to perform our contract with you (confirmation and a reminder of bookings).
- Collect Health information to perform the agreed services appropriately, and potentially highlight areas that products and services may cause issues to clients because of their health.
- To deal with any enquires and to resolve any complaint.
- To manage our relationship with you (notify you about changes to our terms or privacy notice, ask you to leave a survey)
- As part of our legal obligation for business, accounting, tax and insurance purposes.
- To contact you with any special offers and news from our salon.
- We ask for your permission to contact you with our special offers and news from our salon. Where you have given us your consent you can withdraw your consent at anytime.
Special categories of personal data collected
Health questions are asked in many of our consultation forms to deal with treatment queries and to potentially highlight treatments or products that may have a negative effect on your health due to medication you are taking or a health condition you have. Your privacy is very important to us and we only use this information for determining your suitability for the treatment and to provide a safe service.
We put extra safeguards in place to protect special category data to protect it from unauthorised disclosure, unauthorised modification or unauthorised access. We only collect this information from you based on your explicit consent.
Children’s personal data
We take children’s personal data very seriously and we do not knowingly collect personal data from children below the age of 16 without consent from a parent or guardian. We take great care in protecting the personal data of children. If we discover that we have collected personal data from a child without consent from a parent or guardian we will delete that personal data as soon as practically possible.
Your rights as the individual
When we process your personal data you hold a number of rights in relation to how this personal data is processed which includes:
- The right to access what personal data we hold about you.
- The right to be informed of how we are using your personal data
- The right to request the erasure of the personal data we hold on you.
- The right to object to us processing your personal data or restrict us from processing some or all of your personal data.
- The right to object to direct marketing from us.
- The right to request the correction of incorrect information we hold on you.
- The right to request that we transfer the information we hold on you to another service provider.
- The right to lodge a complaint directly with the Data Protection Supervisory Authority about how we process your personal data.
If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the relevant request; this is to ensure that your data is protected and kept secure.
Data Sharing, Third Parties and Data Processors
We disclose your personal data to third parties for the purposes of providing a service to you, running our business, and when required by law and to enforce our legal rights. Where we use a third-party, we have strict agreements in place governing the processing of your personal data, on which no action can be taken without instruction from us.
The third-parties with whom we work will never share or disclose your personal information and will hold it securely at all times. Furthermore, they must process the personal information in accordance with this Privacy Notice and as permitted by applicable data protection laws. We share your personal data with the following categories of companies:
- Third party software companies such as a Phorest to improve the customer experience for you and improve the way we do business.
- Payment processors and software to facilitate online bookings with us. These companies process your personal data for different purposes to fulfil regulatory requirements.
- Professional services such as marketing companies to help us run our business and get in contact with you.
- Accountancy and insurance companies to help us run our business and fulfil our legal obligations.
How Long Do We Keep Your Data?
We retain your personal data for as long as necessary to provide you with our services as our client.
The criteria for which we would continue to process your personal information includes:
- Where there is a legal basis, obligation or legitimate interest to continuing processing your personal information.
- Where processing is necessary for the establishment, exercise or defence of legal claims.
Our website relies on cookies to carry out certain functions and to tailor your user experience. Enabling these cookies is not strictly necessary for the website to work but it will provide you with a better browsing experience. You can delete or block these cookies, but if you do that some features of this site may not work as intended. You can control and/or delete cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.
How Long Do We Keep Your Data?
When your personal data is processed through our salon software, all of it is held within the European Economic Area (EEA). Your information is processed by the salon software and stored in the Amazon Web Services cloud. During this process your data is encrypted in transit and at rest.
Consequences of not providing your personal information to us
In the event that you want to purchase a product or service from us, certain personal information may be required. You can always choose not to provide personal information. However, we may be unable to provide some/all products, services and treatments in these instances.
As mentioned above, we may contact you by SMS or Email to let you know about any special offers, promotions or with news about our products and services.
You can opt out from marketing at any time by:
- Clicking unsubscribe on any email or by responding to instructions with each SMS.
- Contacting our team at email@example.com
Please note, it may take a number of days to process your request.
Safeguarding your Personal Data
Appropriate measures are taken to protect your personal data from access from unauthorized persons or inappropriate access, internal or external. Your connection to the online salon platform uses a secure connection. All information passed to the salon software is encrypted during data input and transfer to the cloud.
Any paper files recording your personal data are held in a locked filing cabinet or safe which can only be accessed by authorised personnel in the salon. Employees are only assigned specific access rights and can only access the salon software with the PIN number assigned to them by the management of the salon.
Questions about Data Protection
In the occurrence that you have any questions or want to make a complaint about how your personal data was gathered, how it is being processed or if you are not satisfied about how a complaint has been handled, you can get in contact with us.
Bifolco & Matty
3 Harrow Market,Langley, Slough,Berks