Katherine Reynolds at Business Beautician Ltd is the data controller who is responsible for making sure that your data is kept securely and only used for the specific purposes that you agreed to, including any information you have provided us when signing up to our newsletter or buying a product or service.
In this policy “we”, “us” and “our” refers to Katherine Reynolds as data controller for Business Beautician Ltd.
Our Contact Details:
This website is owned and operated by Business Beautician Ltd
We are registered in England and Wales under registration number 09751257
Registered Address: 10 New Crescent, Horsforth, Leeds West Yorkshire, United Kingdom, LS18 4RR
You can contact us at email@example.com
WHAT SORTS OF DATA DO WE COLLECT AND WHY
We may process data about your use of our website and services. We collect usage data through our analytics tracking system, Google Analytics so we can monitor, analyse the usage of our website and improve our website and services. The legal basis for this processing is our legitimate interests.
This usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use.
We may process your account data. We collect account data when you register on our website for the purpose of operating the website, delivering a service or product to you, ensuring the security or our website and services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
We may process information relating to transactions, including purchases of goods and services, that you enter into with us through the website. We collect this data so we can deliver the purchases goods / services to you and so we can keep a proper record of the transaction. The legal basis for this processing is the performance of a contract between you and us.
This transaction data may include your name, email address, business name and address.
We may process information relating to transactions for purchases of goods and services. We collect this data so we can deliver the purchases goods / services to you and so we can keep a proper record of the transaction. The legal basis for this processing is the performance of a contract between you and us.
Financial transactions relating to our website and services are handled by our payment services providers, Paypal and Stripe. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds. You can find information about the payment services providers’ privacy policies and practices at https://www.paypal.com/uk/webapps/mpp/ua/privacy-full and https://stripe.com/gb/privacy.
Marketing and Communications Data
We may process information that you provide to us for the purpose of subscribing to our email notifications and newsletters. This data may include your name, email address, ip address and marketing preferences. The legal basis for this processing is consent and we will always make sure that you have specifically opted in to any marketing and communications we send out, rather than assuming you might like to hear from us.
You have the right to withdraw consent to marketing at any time by emailing us at firstname.lastname@example.org
You will receive marketing and communications from us if you have:
- Given us your details AND ticked the consent box for us to send you marketing communications; or
- Asked for information from us; or
- Purchased goods or services from us; and
- Haven’t opted out of us sending you marketing and communications
You can opt out of us sending you marketing communications at any time by following the opt out links on our marketing emails or by emailing email@example.com
PROVIDING YOUR PERSONAL DATA TO OTHERS
We may disclose your personal data with these following parties for the reasons given above:
- HM Revenue & Customs and other UK authorities if required to supply data for reporting
- IT and system administration service providers
- Professional advisers (such as lawyers, auditors, accountants and insurers)
- Payment providers, Paypal and Stripe.
- Visitor comments may be checked through an automated spam detection service.
We will always make sure that these parties are GDPR compliant and only process your personal data in accordance with our instructions and for a specified purpose.
INTERNATIONAL TRANSFERS OF YOUR PERSONAL DATA
Some of our third parties service providers are located outside of the European Economic Area (EEA). We will always do our best to ensure the protection of your personal data by:
- Only using providers in counties that provide an adequate level of protection of personal data (according to the European Commission’s “adequacy decision”)
- Making sure than any providers based in the United States are part of the EU-US Privacy Shield
Any personal data that you submit yourself for publication through our website and services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.
RETAINING AND DELETING PERSONAL DATA
Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes, including any accounting, reporting or legal requirements.
Financial and Transaction data (Contact, Identity, Financial and Transaction Data) will be kept a for a period of six years following your purchase, for tax purposes.
In some cases it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will determine the period of retention based on the following criteria:
- The sort of data it is – sensitive, amount and nature of the data
- The purpose for which it was processed and whether that purpose is still valid
- Whether we can fulfil that original purpose another way
We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you are happy with any changes to this policy. We may notify you of significant changes to this policy by email.
This is a complicated bit, so we have summarised the rights that you have under data protection law. Accordingly, you should read more about your legal rights at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights for a full explanation of these rights.
Your principal rights under data protection law are:
(a) the right to access;
(b) the right to rectification;
(c) the right to erasure;
(d) the right to restrict processing;
(e) the right to object to processing;
(f) the right to data portability;
(g) the right to complain to a supervisory authority; and
(h) the right to withdraw consent.
Please contact firstname.lastname@example.org if you wish to exercise any of these rights. We will try to fulfil legitimate requests within 4 weeks.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
- Identify your status (whether you are logged in) on our website
- Keep your user account secure, including preventing fraudulent use of login credentials, and to protect our website and services generally.
- Offer you cookie consent – so we can store your preferences for using cookies
- Remember your details for your convenience when leaving a comment so you don’t have to fill in your details again when you leave another comment.
- Remember your login information and screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
Managing your cookies
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
(a) https://support.google.com/chrome/answer/95647?hl=en (Chrome);
(d) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
(e) https://support.apple.com/kb/PH21411 (Safari); and
If you block cookies, you will not be able to use all the features on our website.
EMBEDDED CONTENT FROM OTHER WEBSITES
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
LINKS TO OTHER ONLINE RESOURCES
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.