Pulchra Oxford takes your privacy and personal data very seriously and will only use your data for providing the services and treatments you have requested from us.
Detailed below explains why and how we collect and store your personal details in order to comply with the General Data Protection Regulation (GDPR) legislation (effective from 25th May 2018).
Pulchra Oxford collects your data in 3 ways, a printed consultation form, Pulchra Oxford website contact form and through social media message requests.
When arriving for your appointment at Pulchra Oxford, we will ask you to complete a client consultation form. This form requires the following personal details from you:
- Your full name……So we can ensure all communication is with the correct person.
- Your address and date of birth……To help us distinguish between two clients with identical names and for the emergency services in case of an emergency whilst at the salon.
- Your email address and telephone number………. To send booking confirmations, reminders as well as monthly newsletters
- Medical history (Including medical conditions, allergies, infections, operations, implants, disorders, all medications taken and skin patch / sensitivity test results)…….Medical history is crucial to allow us to perform our treatments safely as well as complying with the terms of our insurance policies.
- Treatment history…… This is so each therapist can see what treatments have been carried out on you, as well as complying with the terms of our insurance policies.
- Your Contact preferences………. If you wish to be on our mailing lists you must “opt in” otherwise we cannot legally send you our newsletters and special offers.
- Your consent to use treatments photo’s…… Some of our treatments involve before and after photos to aid the client experience and treatment progress. Sometimes we like to use these on social media and need your permission to do so (mainly but not limited to nails, eyelashes and facial treatments).
- Your consent and signature……. We require you read our Privacy Information Policy and Statement and complete a form to sign and authorise that;
You answered questions to the best of your knowledge and honestly to allow us to provide you with the best possible care during your treatment(s).
That we obtained this information lawfully from you That you agree to Pulchra Oxford holding your data on our digital online booking system database (Premier Spa) and on paper form in our secure locked filing cabinets.
The personal data Pulchra Oxford collects through our website contact form or by way of social media is your name, your email address and telephone number (if provided), we will not use this information for any purpose other than responding to your request.
At Pulchra Oxford your data is stored in both a digital and paper format.
Paper copies of consultation forms are stored in a locked and secure filing cabinet that only therapists at Pulchra Oxford have access to.
Digital information is stored using online booking system and is password protected, only therapists at Pulchra Oxford have this password and certain areas of information are restricted even further to management only.
We also use iOS and Android based devices (for photographic purposes only) at the salon, these are password protected and do not contain client personal data. The devices contain client images from previous treatments with client permission and are not used for any marketing purposes other than agreed by the client in their consultation form. Photos do not contain personal details or clients full face.
We DO NOT sell or share your personal data with anyone. No other third party including our accountant has any client personal data.
The data and information Pulchra Oxford collects will be retained for 7 years in order to comply with best practice and the terms of our insurance policies. We will review our email data base every two years and automatically delete any inactive clients.
- The right to be informed………We must advise you before any personal data is gathered and the reasons for this, and your consent must be obtained.
- The right of access…….You can request to see personal data that Pulchra Oxford holds about you, you also have the right to rectification if it is incomplete, incorrect or out of date.
- The Right to be forgotten………If at any time you no longer wish to be on our database for communication, simply send an email to email@example.com and we will remove from our mailing list.
- The right to Data portability……..You can request us to transfer some personal data, such as your record of treatments.
- The right to object to processing and direct marketing…… You can request that your data can be processed but not used in our communications or marketing campaigns.
- The right to be notified…….. In the event of a breach of personal data you will be contacted by within 72 hours of discovery.
- Rights of children…… All children over the age of 13 must be able to read and understand what information they are giving.
- We are required to process children’s data to comply with the terms of our insurance policy, but this data is not used for any other purpose than to ensure we carry out a safe treatment.
Parental / Guardian consent for children under the age of 16 is also required.