Katy Nail and SPA is committed to protecting and respecting your privacy. We wish to be transparent on how we process your data and show you that we are accountable with the GDPR in relation to not only processing your data but ensuring you understand your rights as a client.
It is the intention of this privacy statement to explain to you the information practices of ‘Katy Nail and SPA’ in relation to the information we collect about you.
For the purposes of the GDPR, the data controller is;
95B Morehampton Road
Donnybrook, Dublin 4
You can email us email@example.com
In this document “we”, “our”, or “us” refer to Katy Nail and SPA. Please read this statement carefully as this sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.
Who are we?
Katy Nail and SPA is a multi-award winning beauty salon. Offering our clients the very best in beauty treatments.
Accuracy of your personal data
Please keep us up to date with any changes to your personal data, this allows us to ensure that your personal data is kept accurate and up to date.
Purpose for processing your data
Personal data refers to any information relating to an identified or identifiable natural person (Data Subject). An identifiable natural person is one who can be identified, directly or indirectly, in particular in reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
In order for us to provide a service to you, we require certain information about you that is classed as personal information.
How we collect your data
How we get the information and why we have it
You may provide us with your personal information when you;
• Fill in the query form on our website
• Correspond with us via email, phone or otherwise
• Meet with us on a one-to-one and provide us with your business card, for example.
• Send your cv to us in order to apply for work
Most of the personal information we process is provided to us directly by you, however we may also receive personal information indirectly, from the following sources in the following scenarios:
Facebook, Instagram and Google
From visiting these pages, or interacting with us, you are passing information on to us via the above platforms, these are known as cookies. This type of information is technical data about your computer equipment, browsing actions and preferences.
We also may have access to your publicly available details from these sources.
Why are we processing your data? Our legal basis.
We are required to determine the legal basis for which we process different categories of your personal information, and to notify you of the basis for each category.
Most of the personal information we process is provided to us directly by you for one of the following reasons:
We process this information on the basis there is a contract between us, or that you have requested we use the information before we enter into a legal contract
Additionally, we may aggregate this information in a general way and use it to provide class information, for example to monitor our performance with respect to a particular service we provide. If we use it for this purpose, you as an individual will not be personally identifiable.
We may share this information with third parties in order to process the purchasing transaction of our services. These companies must also adhere to the same data protection legislation.
We shall continue to process this information until the contract between us ends or is terminated by either party under the terms of the contract.
Information we process for the purposes of legitimate interests
We may process the information on the basis there is a legitimate interest, either to you or to us, of doing so.
Where we process your information on this basis, we do so after having given careful consideration
• whether the same objective could be achieved through other means
• whether processing (or not processing) might cause you harm
• whether you would expect us to process your data, and whether you would consider it reasonable to do so
For example, we may process your data on this basis for the purpose of;
• necessary administration of our business – for example, creating your client account
• responding to unsolicited communication from you which we believe you would expect a response
• Processing payments and invoices
Information we process because we have your consent
Through certain actions when otherwise there is no contractual relationship between us, such as when you browse our website or ask us to provide with more information about our business, including job opportunities, our products and services, you provide your consent to us to process information that may be personal information.
Sometimes you might give your consent implicitly, such as when you send us a message by email to which you would reasonably expect us to reply
You may also consent to have your data used in order to receive information on a new product offering which we think may suit you.
Except where you have consented to our use of your information for a specific purpose, we do not use your information in any way that would identify you personally.
We continue to process your information on this basis until you withdraw your consent, or it can be reasonably assumed that your consent no longer exists.
You may withdraw your consent at any time by instructing us at firstname.lastname@example.org.
Information we process because we have a legal obligation
We may be required to give information to legal and regulatory authorities if they so request and subject to the correct authorisation
What we do with the information
• verify your identity for security purposes verify your identity for security purposes
• sell products to you
• provide you with our services
• keep our website safe and secure
We may share your personal data with selected business associates, suppliers and contractors to
provide you with our services. For example, these business partners may include our web hosting provider and our IT Cloud service providers.
How will Katy Nail and SPA use the personal data it collects about me?
Katy Nail and SPA will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up to date, and not keep it for longer than necessary. For information on the time periods, your data is held for please contact us on email@example.com.
Special Categories of personal data
If we collect any special categories of personal data (eg. Health, political opinions, trade union membership – financial information is not classified as special categories of personal data) we will ensure we receive your explicit consent.
In some circumstances it may be necessary for us to transfer your data outside the European Economic Area (EEA). We will only transfer data to receivers that are in countries approved by the EU Commission, or where there are the appropriate safeguards in place to protect your personal data. For further information on these appropriate safeguards, please email firstname.lastname@example.org.
Your data protection rights
Under data protection law, you have rights including:
• Your right of access – You have the right to ask us for copies of your personal information
• Your right to rectification – You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
• Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances
• Your right to object – You have the right to ask us to stop processing your personal data for profiling or direct marketing
• Your right to restriction of processing – You have the right to object to the processing of your personal data in certain circumstances
• Your right to data portability – You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have
one month to respond to you. Exemptions may apply if the information requested is considered excessive or repetitive.
Please contact us if you wish to make a request.
How to complain
You can also complain to the Data Protection Commission if you are unhappy with how we have
used your data.
The Data Protection Commission address:
21 Fitzwilliam Square South
What are cookies?
Cookies are simple text files that are stored on your computer or mobile device by a website’s server. Each cookie is unique to your web browser. It will contain some anonymous information such as a unique identifier, the website’s domain name, and some digits and numbers.
What types of cookies do we use?
We may use a variety of cookie types outlined below at different times.
Necessary cookies allow us to offer you the best possible experience when accessing and navigating through our website and using its features. For example, these cookies let us recognize that you have created an account and have logged into that account.
Functionality cookies let us operate the site in accordance with the choices you make. For example, we will recognize your username and remember how you customized the site during future visits.
These cookies enable us and third-party services to collect aggregated data for statistical purposes on how our visitors use the website. These cookies do not contain personal information such as names and email addresses and are used to help us improve your user experience of the website.
How to delete cookies?
If you want to restrict or block the cookies that are set by our website, you can do so through your browser setting. Alternatively, you can visit www.internetcookies.org, which contains comprehensive information on how to do this on a wide variety of browsers and devices. You will find general information about cookies and details on how to delete cookies from your device.