Privacy Policy

1. Who We Are

HEY BAE SALON LTD (Company Registration Number: 14169211) is a hair and beauty salon based in Liverpool, United Kingdom. We are the data controller responsible for your personal information. Our registered office is located at Landmark House, 43-45 Merton Road, Liverpool L20 7AP, and our trading address is 619 Prescot Road, Old Swan, Liverpool L13 5XA, United Kingdom.

If you have any questions about this Privacy Policy or how we handle your data, please contact us at hello@heybaesalon.co.uk or write to us at our salon address.

2. What Personal Data We Collect

We may collect and process the following categories of personal data:

• Contact Information: Your name, address, email address, and telephone number.
• Appointment Data: Details of your bookings, preferred services, stylist preferences, and appointment history.
• Health & Safety Information: Details of allergies, skin sensitivities, medical conditions relevant to treatments, and patch test results.
• Payment Information: Billing address and payment method details (processed securely through our payment providers).
• Communication Data: Records of our correspondence with you, including emails, phone calls, and messages.
• Technical Data: IP address, browser type and version, time zone setting, and device information when you use our website.
• Marketing Preferences: Your preferences in receiving marketing communications from us.
• Photographic Records: With your explicit consent, we may take before and after photographs of treatments for our portfolio.

3. How We Collect Your Data

We collect personal data through various methods:

• Direct Interactions: When you book appointments, fill in consultation forms, correspond with us, or visit our salon.
• Automated Technologies: As you interact with our website, we may automatically collect Technical Data using cookies and similar technologies.
• Third Parties: We may receive personal data from analytics providers and advertising networks.

4. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• Service Provision: To manage your appointments, provide hair and beauty services, and maintain your client record.
• Health & Safety: To ensure treatments are safe and appropriate for you, including allergy testing and medical history.
• Communication: To send appointment confirmations, reminders, and respond to your enquiries.
• Payment Processing: To process payments for services rendered.
• Legal Compliance: To comply with legal obligations, such as maintaining records for tax and insurance purposes.
• Marketing: Where you have provided consent, to send you promotional offers, news, and beauty tips.

5. Data Sharing and Third Parties

We may share your personal data with the following categories of recipients:

• Service Providers: IT support, payment processors, and marketing agencies who assist us in operating our business.
• Professional Advisors: Lawyers, accountants, and insurers who provide professional services.
• Regulatory Authorities: HM Revenue & Customs and other authorities when required by law.

We do not sell your personal data to third parties for marketing purposes.

6. Data Security

We have implemented appropriate security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These measures include:

• Secure storage of physical records in locked premises
• Password protection and encryption of digital records
• Restricted access to client data on a need-to-know basis
• Regular staff training on data protection
• Secure disposal of records when no longer needed

7. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Generally, we retain client records for 7 years after your last visit, in line with UK tax and insurance requirements. Health and safety records may be retained for longer periods where required by law.

8. Your Legal Rights

Under data protection laws, you have the following rights:

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your personal data in certain circumstances.
• Right to Restrict Processing: Request limitation of how we use your data.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or direct marketing.
• Right to Withdraw Consent: Withdraw consent at any time where we rely on consent.

To exercise any of these rights, please contact us using the details provided in Section 1.

9. Cookies and Tracking

Our website uses cookies to distinguish you from other users and provide a better browsing experience. We use:

• Essential Cookies: Necessary for the website to function properly.
• Analytical Cookies: Help us understand how visitors interact with our website.
• Functionality Cookies: Enable enhanced functionality and personalization.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

Last updated: March 2024

11. Complaints

If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details above. You also have the right to complain to the Information Commissioner's Office (ICO) at www.ico.org.uk.