Privacy Policy - Faking It Hairdressing & Beauty

Last updated: 21.10.25

Faking It Hairdressing & Beauty (“we”, “us”, “our”) respects your privacy. This policy explains what personal data we collect, how we use it, and your rights under UK GDPR and the Data Protection Act 2018.

Who we are (Data Controller)

We use trusted partners (“Processors”) to run services like online booking and email. They only process data on our instructions.

What data we collect

  • Identity & contact: name, email, phone, postal address.
  • Booking & service info: appointment history, treatments, notes, patch-test status, colour formulas.
  • Payment info: transaction totals and method (card handling is by our payment processor; we do not store full card details).
  • Marketing preferences: consents, unsubscribes.
  • Website & device data: cookies, IP address, pages viewed, browser type.
  • Sensitive data (special category): health/skin information needed for safe treatments (e.g., allergies, medications, pregnancy). We only record what is necessary and with your consent.

How we collect it

  • Directly from you (forms, bookings, emails, phone, in-salon).
  • Automatically via our website and cookies.
  • From third-party booking/payment tools you use to book or pay.

Why we use your data (lawful bases)

  • To provide services & manage bookings (contract).
  • To run our business & keep records (legitimate interests).
  • To send service messages like reminders/changes (legitimate interests/contract).
  • To meet legal/insurance obligations (legal obligation).
  • To send marketing with your consent (consent, which you can withdraw anytime).
  • To assess suitability/safety for treatments (explicit consent for health data).

Marketing

We may email or text offers/news if you’ve opted in. You can opt out via link in the message or by contacting us.

Sharing your data

We share only when necessary with:

  • Booking & payment providers (e.g., online booking system, card processor).
  • IT/host/email providers and analytics/cookie tools.
  • Insurance/regulators if required by law.
  • Professional advisers (accountants, legal).
    We do not sell your data.

International transfers

If a provider stores data outside the UK/EEA, we ensure appropriate safeguards (e.g., adequacy decisions or standard contractual clauses).

How long we keep it (retention)

  • Client records: up to 7 years after last visit (insurance requirement).
  • Marketing data: until you unsubscribe or after a period of inactivity.
  • Financial records: 6–7 years (tax).
    We’ll keep special category data only as long as needed for treatment history/insurance.

Your rights

You have the right to:

  • access your data;
  • correct inaccuracies;
  • erase/restrict in certain cases;
  • object to processing (including direct marketing);
  • data portability;
  • withdraw consent at any time (does not affect past lawful use);
  • complain to the ICO (ico.org.uk).
    Contact us to exercise these rights.

Cookies

We use essential cookies for site function and optional cookies for analytics/marketing. You can manage preferences via our cookie banner or your browser settings. Disabling some cookies may affect site performance.

Children

We only collect children’s data with parent/guardian involvement where services are permitted. We do not send marketing to minors.

Security

We use appropriate technical and organisational measures to protect your data (access controls, encryption in transit where supported, staff training). No method is 100% secure, but we work to industry standards.

Third-party links

Our site may link to other websites. We’re not responsible for their content or privacy policies—please check theirs.

Changes to this policy

We may update this policy from time to time. The latest version will always be on our website with the date above.

Contact us

Questions about privacy or to make a request:
Email: hello@fakingitnorthampton.com · Phone: 07856 824795 · Address: Unit 4, Wilks Walk, Grange Park, Northampton NN4 5DW