Privacy Policy

Who we are

Our website address is: https://bryantandcohairdressing.co.uk.

What personal data we collect and why we collect it

We collect contact numbers and Email address this information is required for appointments and admin related work.

We also collect Date of Birth, this is for marketing use and it is an opt-in option and not obligatory.

Who we share your data with

We do not share out any data to any third parties.

How long we retain your data

We keep clients data for a year, if the client is a regular client then the software we have will tell us this and we will keep regular clients data and if they are not a regular client we will then delete all information after a year.

What rights you have over your data

You can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Additional information

How we protect your data

We use Shortcuts software and on this each client has their own profile where their information is stored all of this is online. We have a computer which is password protected which only the staff know and is logged off after every use.

We also use WordPress plugin called Wordfence which tracks login attempts.

What data breach procedures we have in place

We will notify you within 72 hours of any data breach, as well as the Information Commissioners Office (ICO).

The notification shall:

  1. describe the nature of the personal data breach where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned
  2. communicate the name and contact details of the data protection officer or other contact point where more information can be obtained;
  3. describe the likely consequences of the personal data breach

Describe the measures which may be taken/proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.

What third parties we receive data from

We do not receive any data from third parties.

What automated decision making and/or profiling we do with user data

We do not carry out automated decision making or profiling with data.