(Why we collect your personal data and what Is done with it)
When you supply your personal data to Indigo Beauty they are stored and processed for the following reasons:
We need to collect some personal information about you and your health to ensure there are no contraindications to your treatment, and legal requirements.
You can, of course, refuse to provide the information, however unfortunately we would have to refuse your treatment as this form is a legal requirement for our insurance.
Provided we have your consent, we may occasionally send you emails with our latest news and offers
We have a legal obligation to regain your records for seven years after your most recent appointment. After this time your records will be destroyed in a method compliant with GDPR
Records that are retained on paper, are locked in a cabinet. Is is only accessible by staff of Indigo Beauty
Your phone number and email may be used electronically, with your permission. This is for appointment reminders and or occasional offers.
At indigo beauty we use a booking system called Fresha. All data is securely backed up every 5 minutes on Fresha’s encrypted cloud database, there system uses SSL security and there hardware has top of the range firewalls.
Fresha is password protected and is only accessible by staff members of Indigo Beauty.
If you wish to contact us via social media, this is password protected but for historic issues with privacy associated with social media sites, you may wish to think about what you send us.
We will never share your data with anyone who does not need to access without your consent. Only the manager and staff of Indigo Beauty will have access to your data.
You have the right to see what personal data of yours we hold and you can ask the owner of Indigo Beauty to correct any factual errors. Provided the legal minimum period has elapsed, you may also ask us to erase your records.
We would like you to be absolutely confident that we treat your personal data responsibility and that we do everything we can to make sure that only people who can access that data have a genuine need to. Of course, if you feel W have mishandled your data in anyway, you have the right to make a formal complaint.