GDPR Policy & Privacy

At The Courtyard Skincare and Beauty we take your personal data very seriously and that’s why we want to let you know why and how we collect and store your personal details in accordance with the new GDPR legislation.

​

 

We collect your data in several ways at The Courtyard Skincare and Beauty:

​

•  In the salon using a printed client consultation form

• We then store your name, address, date of birth, email address, treatment history and any medical alerts on our secure Shedul system.

•  Contact Form – This is a contact form on our website for you to contact us with enquiries. We ask for your name, email address and to leave a comment, you will NOT be added to our mailing list for using this.

• Social media – You may contact us via Facebook messenger or other networks and we will reply but not store this information.

​

 

When arriving for your appointment at the salon we will ask you to complete a client record card:

​

• Your full name, so we can address you in the salon and ensure all communication is with the correct person.

• Address, to help us distinguish 2 clients with identical names. If any of your loved ones contact us to send you a gift voucher.

• Email address, to send booking confirmations as well as email invoices of any services you have received.

• Medical history including operations, diseases, disorders – Medical history is crucial to allow us to perform our treatments safely and adhere to the terms of our insurance.

• Allergies, to ensure nothing we use during a treatment or around you at the salon can cause you harm, irritation or any other complications and to adhere to the terms of our insurance.

• Medication, some medication can be a contraindication to treatment or react with products we use. It is essential we know details to protect you the client and adhere to our insurance terms.

• Patch test is a skin test we carry out in the salon to test for potential allergic reactions to certain treatments. We keep this on file, so all therapists know you can have that treatment and in the event of a reaction we know what was used and when.

• Treatment history, so each therapist can see what and how the last therapist carried out a treatment on you to ensure results are consistent amongst all staff.

• Your contact preferences, so if you wish to be on our mailing list you must opt in otherwise we cannot legally send you our newsletters and special offers.

• Your consent to use treatments photos – Some of our treatments involve before and after photos on salon devices to aid the client experience and proof of progress/treatment.

​

Your data is in digital and paper form at The Courtyard Skincare and Beauty. Paper copies of consultation forms are stored alphabetically in a filing cabinet that only staff of The Courtyard Skincare and Beauty have access to.

​

Digital information is stored using Shedul booking system that is password protected. Only The Courtyard Skincare and Beauty staff have access to Shedul and certain areas are restricted to management only:

​

• We will hold your data for up to 2 years unless you ask us otherwise. In order to continue to provide the client with the best service possible we need these records to see exactly what treatments were performed, reactions, likes, dislikes, patch tests, products used etc.

• You have the right to be forgotten. If at any time you no longer wish to be on The Skincare and Beauty database that’s no problem, simply send an email to info@thecourtyardskincareandbeauty.co.uk and we will remove information.

• You have the right to access your personal data that The Courtyard Skincare and Beauty holds and the right to rectification if it is incomplete, incorrect or out of date.

• You have the right to data portability if you wish us to transfer some personal data maybe patch test results if you a moving to another salon.

• You have the right to object to processing and direct marketing. Your data can remain in one place but not used.

​

​