Information audit for Pinx

What personal data do we hold and where?

Type of personal data held

Client Data:
  • Name
  • Contact details (address, phone number, email, date of birth)
  • Client history e.g. colour, consultation records
  • Allergy test records for hair colour
  • Notes of medical conditions
Employee Data:
  • Contact details (address, phone number, email)
  • National Insurance number
  • Bank account details
  • Emergency contacts/next of kin
  • Medical information
  • CVs
  • Job applications
  • Training records
  • Disciplinary records
  • Appraisals / performance reviews
Financial Data:
  • Suppliers
  • Invoices
  • Bank account details
  • Payment history
Marketing Data:
  • Mailing lists (email, text, post)
  • Loyalty scheme members
  • Social media

Where held e.g. salon software, paper

Client Data:
  • Paper
  • Salon software
Employee Data:
  • Paper
  • Computer
  • Mobile phone
Financial Data:
  • Paper
  • Computer
Financial Data:
  • Paper
  • Salon Software

What you use the data for

Client Data:
  • To enable us to contact you.
  • To keep a history of any contraindications that would indicate that a particular service or treatment should not go ahead.
Employee Data:
  • Initially employee data will be required to determine if the member of staff is qualified for the job they applied for.
  • To contact staff regarding work matters.
  • To contact next of kin in the event of an emergency.
  • To process wages and provide relevant details to HMRC.
Financial Data:
  • Invoices from suppliers are kept for accounting purposes.
  • Staff bank details are used to transfer wages and monies due.
  • Client payment history is kept on file in the event of a query from the client in the future.
Marketing Data:
  • To keep a record of your personal details to enable us to contact you regarding special offers, new products, loyalty schemes and new information regarding anything in the salon.

Where you got the data from

Client Data:
  • Client consultation forms
Employee Data:
  • The information will be provided by the individual
Financial Data:
  • The information will be provided by the individual or company
Marketing Data:
  • Client consultation form

Do you have consent?

Client, Employee, Financial & Marketing Data:
  • Yes

Who you share it with (if anyone)

Client Data:
  • We do not share this particular information with any third party
Employee Data:
  • The information will be shared with HMRC and management within Pinx
Financial Data:
  • We do not share this particular information with any third party
Marketing Data:
  • We do not share this particular information with any third party

Privacy Notice

This privacy notice explains how Pinx looks after personal information you give us or that we learn by having you as a client and the choices you make about marketing communications you agree we may send you. This notice explains how we do this and tells you about your privacy rights and how the law protects you.

Topics

  • What information we collect about you
  • How information about you will be used
  • Marketing
  • Employment
  • How long your information will be kept for
  • Where your information is kept
  • Access to your information and correction
  • Cookies
  • Other websites
  • Changes to our privacy notice
  • How to contact us

What information we collect about you
We collect information about you when you book an appointment for a service or treatment, visit the salon for a service or treatment, buy a product or apply for a job, whether contact is online, on paper, by email or over the phone.

The information you give us may include your name, address, email address, phone number, relevant history which may suggest that a service or treatment should not go ahead or certain products should not be used (e.g. allergies, pregnancy, skin conditions), payment and transaction information, IP address and CVs.

For clients under the age of 16, we will only keep and use their personal information with the consent of a parent, carer or guardian.

How information about you will be used
In law, we are allowed to use personal information, including sharing it outside the salon, only if we have a proper reason to do so, for example:

  • To fulfil a contract with you i.e. to provide the service or treatment you have requested and to communicate with you about your appointments
  • When it is in our legitimate interest i.e. there is a business or commercial reason to do so, unless this is outweighed by your rights or interests
  • When you consent to it: we will always ask for your consent to hold and use health and medical information.

We will therefore share your information with:

  • Suppliers of our website
  • Suppliers of our salon software

We have rigorous data protection and security policies in place with all our suppliers.

Some of the people working in our salon are self-employed. Where software systems and reception facilities are shared, our self-employed colleagues will have access to your information.

We will not share your information with any other third party without your consent except to help prevent fraud, or if required to do so by law.

How long your information will be kept for
Unless you request otherwise, we will keep your information to contact you for a maximum of 3 years from your last visit to the salon.

After 3 years we will delete all your personal information, except financial transactions, which we are obliged to keep for 6 years.

Information about unsuccessful job applicants will be deleted after four months.

See our data retention policy for further information, including employee data.

Access to your information and correction
You have the right to request a copy of the personal information that we hold about you. This will normally be free, unless we consider the request to be unfounded or excessive, in which case we may charge a fee to cover our administration costs.

If you would like a copy of some or all of your personal information, please contact Carrie Platts, the salon owner, on 01709 533311.

We want to make sure that your personal information is accurate and up-to-date. You may ask us to correct or remove information you think is inaccurate.

You have the right to object to our use of your personal information, or to ask us to delete, remove or stop using your personal information if there is no need for us to keep it.

E-Newsletters
We email e-newsletters to inform you about products, services and treatments provided by our salon. You have the opportunity to unsubscribe from e-newsletters at any time.

E-newsletters may contain subscriber-tracking facilities within the actual email, for example, whether emails were opened or forwarded, which links were clicked on within the email content, the times, dates and frequency of activity. We use this information to refine future email campaigns and provide you with more relevant content based around your activity.

Changes to our privacy notice
We keep our privacy notice under regular review and we will place any updates on this webpage. This privacy notice was last updated on 23rd May 2018.

How to contact us
Please contact us if you have any questions about our privacy notice or information we hold about you:

  • By email reception@pinxsalon.co.uk
  • Or write to us at 5b Worrygoose Lane, Whiston, Rotherham, S60 4AA

You also have the right to complain to the Information Commissioner’s Office. Find out on their website how to report a concern:
www.ico.org.uk/concerns/handling

Data Retention Policy

This policy sets out what information Pinx holds, how long we hold it for and when it will be deleted.
It also covers the procedure to follow regarding data requests.

  • Information held by us
  • How long is personal data held for?
  • Where is personal data held?
  • How is personal data deleted?
  • Access to personal information, correction and deletion

Information held by us
We hold personal information about:

  • Clients
  • Former clients
  • Employees
  • Job applicants

We also hold information about financial transactions relating to these e.g. services or treatments provided, products bought, payroll information.

How long is personal data held for?
We aim not to hold personal data longer than necessary.
Unless requested by an individual, the following types of data will be held for the periods shown below, after which it will be securely deleted or destroyed:

Type of Information - Retention Period
Client general records - 3 years
Client health records - 3 years
Financial transactions, invoices and supplier details - 6 years
Employee records, contracts of employment, changes to terms and conditions, annual leave, training records - While employment continues and up to 6 years after employment ends
Payroll and wage records including PAYE, income tax, national insurance, sick pay, redundancy payments - 6 years from the financial year-end in which payments were made
Maternity records - 3 years after the end of the tax year in which the maternity pay period ends
Job applications (unsuccessful) - 4 months after notifying unsuccessful candidates
Emails - One year from the end of the month in which they were received or sent unless a longer period is relevant as above. Emails to and from ex-employees or contractors will be deleted within 2 weeks of them leaving unless these form part of the employment record – see above.

Where is personal data held?
Personal data about clients and employees is held on our secure salon software system, which is backed up every day, or in secure electronic files which can be accessed only by Pinx staff or self-employed staff.
Paper records are held in a locked cabinet or in secure archive storage.

How is personal data deleted?
Personal data is permanently deleted in accordance with the retention periods listed above from:

  • Salon software system
  • Electronic files
  • Emails
  • Paper records, which are securely shredded.

Access to personal information, correction and deletion
See our privacy notice.
All requests for access to personal information will be handled by Carrie Platts, Salon Owner.
Responses to requests will be made within 30 days.
All information relating to the individual will be compiled into a report and collected from:

  • Salon software system
  • Financial transactions
  • Emails
  • Other electronic records
  • Paper records (where applicable)

Cookie Policy
The Pinx Salon Online Ordering System uses cookies to improve the user experience on our website. We do not pass on or in any way collect personal information about you as an individual user.

Cookies are placed onto your machine by every website you visit, and most of those websites, including ours, may not function correctly without them. However if you would like to disable cookies, you can read how to do so in your browser on aboutcookies.org.

The Pinx Salon Online Ordering System uses the following cookies:

First Party Cookies
These cookies are created by [URL Required] to enable the functionality of various aspects of our website

Cookie Name - Function
Random numbers and letters - PHP session cookie which identifies a specific user's session. This will expire when you leave the website.

Third Party Cookies
Third party cookies are created by companies to provide various services which we use to enhance our site. The only one we use is Google Analytics - a free, powerful analytics tool used to determine where your visitors are coming from and what content they are looking at. No personal information is collected by Google Analytics.
Any cookies beginning with _ga, _gat, _utm(x) are used to collect information about traffic and user activity.
