We want to stay in touch with our customers to let you know about our latest products, promotions, and other relevant information. We believe that our customers like to receive regular newsletters, new product offers, and updates.
You have the right to opt out of receiving communications from us. Please let us know if you would prefer NOT to receive messages about our products or services.
Due to our business obligations to our customers, we will continue to communicate service related information to our customers, as you would expect, but by opting out above you will not receive any marketing related communications.
There is a full privacy notice below which you are free to read – however this section provides a summary of what data we collect and what we do with it in simple and straightforward terms. If you have any questions at all, feel free to email us at email@example.com.
Online data – we use google analytics to collect overall data on the number of visitors to our site and what they do when they are there. For example, if 100 people viewed our home page and then 86 of them viewed an individual product, we can see that information. We also review how long people stay on our site and broadly, where they come from down to a regional level. We do not store or collect any data on IP addresses or use that data to identify individuals. Although this information is available through google analytics, it is not used by us or processed in any way. We use the data we collect to alter our website on a general level. We do not, at present, tailor the site to individuals.
Customers – we collect the names and addresses of our customers as well as their contact details for the purposes of dealing with them on a day to day basis and for insurance/accounting purposes. We also ask customers to complete a consultation form for health and safety and also to gather customer treatment preferences. This is necessary if we are going to be able to deliver on our customers’ requirements. All customer data is stored for 7 years after which it is securely destroyed (shredded). We also sometimes send our customers an email newsletter or text update, from which they are free to unsubscribe. You can opt out of receiving any contact, other than that mandated by our contractual obligations, by emailing firstname.lastname@example.org or texting ‘STOP’ to an SMS message.
Business Prospects – we do not currently source or collect the details of businesses, and individuals in those businesses, for the purposes of marketing. We send out email newsletters, direct mail and make sales calls. This is done on the basis of legitimate business interest. It is in our interest to communicate with businesses in our area to sell our services, and it is in their interests to receive our communications.
Customers Data – we store data in a 3rd party online customer database for the purpose of storing customer information, appointment setting, reminder services, service history and invoicing. We have performed due diligence on and can confirm they abide by GDPR or have security in access of, or acceptable to GDPR compliance. You have the right to be forgotten by us. If you want to be forgotten, please email email@example.com. We will remove all the data we hold other than what is required under our contractual obligations. We will not communicate with you.
However, you should be aware that by being forgotten, should your details be passed to us or you make a new enquiry, we will neither hold, nor have access to data about you. We also need to store some data, in a secure place, to ensure that we remember your request to be forgotten (for example should we need to restore systems from a backup, we need to know, to remember, that you wanted to be forgotten).
As part of handling and processing your data we have a designated Data Controller and this is your first point of call should you have any issues or questions about what we do, or why we do it.
Our Data Controller is Georgie & Co Beauty.
1 The Old Coach House, Castle Farm, Cholmondeley, SY14 8AQ.
The Data Controller is Georgie & Co Beauty.
1 The Old Coach House, Castle Farm, Cholmondeley, SY14 8AQ.
How we collect your data – We collect your data from phone calls, text messages, emails, and client appointments and consultation forms.
Lawful basis of our processing – we process data under our contractual obligations to our customers, and under our legitimate business interests.
Contractual Obligations – it is necessary for us to process your data to deliver on our contractual obligations.
Legitimate business interest – it is in our legitimate business interest to keep you informed of our services products with the purpose of retaining your custom for the future, or, if you are not currently a customer, for the purposes of potentially supplying you with our products/services.
When we process your personal information for our legitimate interests, we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws.
Our legitimate business interests do not automatically override your interests – we will not use your Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
We collect a range of data – information required to deal with our customers and process their data. We also collect contact details (e.g. email address, phone number, address).
We may share this data with third parties (share, not sell) such as email/text sending providers who have confirmed that they are in line with GDPR.
We do not transfer data outside of the UK or EEA. However by the nature of the Internet, the personal data you supply through this website may be sent electronically to servers anywhere in the world, google analytics data for example. It may be used, stored and processed anywhere in the world, including countries outside the European Economic Area. Any transfers of the data outside the EEA we will ensure that all reasonable security measures are taken and that any third party processers will be required to process the data in accordance with GDPR.
We retain all data for 7 years from last purchase or last contact, after which it is securely destroyed.
You can find more information on your individual rights on the ICO website by clicking here https://ico.org.uk/
You can withdraw your consent for any aspect of our data processing at any time by emailing firstname.lastname@example.org.
Please be aware that we must process and maintain data to support contractual obligations to you and to third parties so withdrawing your consent will not necessarily mean your data is deleted. We will retain what is necessary to fulfil our contractual obligations, and also an identifier to ensure we do not collect your data again – so we have a record that you have asked us not to process your data.
You can also lodge a complaint with the ICO if you feel we have not lived up to our obligations by clicking here https://ico.org.uk/concerns/
The data we hold comes from two sources – for our customers it comes from the customers themselves. For our business contacts it comes directly from them, or from publicly available sources including the internet. Our customers also supply us with their data for the process of marketing.
In order to provide you with the best, tailored experience of our site we will need to place small text files, or ‘cookies’, or your computer. Most cookies that we use are ‘session’ cookies and only exist for the time that you are using our site. They perform functional tasks – such as remembering that you are logged in as you move from page to page, or to pre-load your personal details into forms to save you time.
We also track cookies anonymously to fuel our site analytics and learn how to improve your experience and hone the relevance of our products and services.
You can set your browser to reject all cookies. Please note that if you do this then certain areas of this website will not be able to function for you. Choose a browser setting that rejects third-party cookies but allows the benign, functional ones that make the good stuff work.
External links to any site other than ours are not our responsibility – obviously we cannot control how any other business handles your data.
Security – You can rest assured that all of your personal data is kept secure. Unfortunately, no data transmission over the Internet is guaranteed 100% secure, but we do take appropriate steps to protect the security of your personal data as required under our obligations under GDPR.
We endeavour to keep your personal data accurate and up to date. If you become aware of errors or inaccuracies, please email email@example.com.
Online Advertising We May Use – We reserve the right to use Google AdWords Remarketing to advertise ourselves across the Internet. AdWords remarketing will display relevant ads tailored to you based on what parts of our website you have viewed by placing a cookie on your internet browser. The cookie does NOT in any way identify you or give access to your device. Google AdWords Remarketing allows us to tailor our marketing to better suit your needs and only display ads that are relevant to you.
How to Opt Out of Remarketing and Advertising – If you do not wish to participate in our Google AdWords Remarketing, you can opt out by visiting Google’s Ads Preferences Manager.
This Policy was updated on 23rd April 2018.