1. Who We Are

• Business name: Beauty Arts
• Address: 48A Seafield Road, Southampton, SO16 9NT, United Kingdom
• Email (privacy & data matters): info@beautyarts.co.uk

2. What Personal Data We Collect

Depending on how you interact with us, we may collect the following information:

Personal details

• Name
• Email address
• Contact details
• Appointment and booking information

Health and treatment information (special category data)

• Medical conditions
• Allergies or sensitivities
• Medication information
• Patch test results
• Consultation notes relevant to treatment safety

Under-18 data

• Child’s name and relevant treatment information
• Parent or legal guardian details
• Signed consent and confirmation of authority

Communications

• Emails
• Phone call records (content only where relevant)
• WhatsApp messages
• SMS / text messages
• Facebook and Instagram messages

3. How We Collect Data

We collect personal data when you:

• Book an appointment through our website or booking system (where available)
• Book through third-party platforms such as Treatwell, Google Business Profile, or other booking partners
• Contact us by phone, email, WhatsApp, text, Facebook, or Instagram
• Complete consultation, patch test, consent, complaint, or feedback forms
• Attend an appointment in the salon

4. Why We Collect and Use Your Data

We collect and process personal data for the following purposes:

• To manage bookings and appointments
• To provide safe and appropriate beauty treatments
• To assess treatment suitability and reduce health risks
• To meet legal, regulatory, and insurance requirements
• To respond to enquiries and complaints
• To maintain accurate client records
• To improve our services and business operations
• To send marketing communications only where consent has been given

5. Lawful Basis for Processing

Under UK GDPR, we process personal data based on one or more of the following lawful grounds:

• Contractual necessity – to provide booked services
• Legal obligation – for health, safety, and insurance compliance
• Legitimate interests – running and protecting our business
• Explicit consent – for health data, under-18 data, and marketing communications

You may withdraw consent at any time by contacting us in writing.

6. Special Category Data (Health Information)

Health and medical information is treated with the highest level of confidentiality. We only collect health data that is necessary to ensure treatment safety and to comply with professional and insurance requirements.

By completing consultation and consent forms, you explicitly consent to the processing of this information for these purposes.

7. Data Storage and Security

Your data may be stored securely in the following ways:

• Website and associated booking systems (where applicable)
• Company email systems
• Third-party booking platforms (e.g. Treatwell and other booking partners)
• Secure physical records stored at the salon (management access only)

8. How Long We Keep Your Data

We retain personal data only for as long as necessary and in line with legal and insurance requirements:

• Client treatment and consultation records: up to 6 years
• Under-18 consent and health records: up to 6 years
• Enquiries that do not become clients: up to 12 months
• Marketing data: until consent is withdrawn or data is no longer required

Data is securely deleted or destroyed when no longer needed.

9. Payments

Payments may be processed using third-party providers such as card machines, payment gateways, or cash. We do not store full card details. Payment providers process payment information securely in accordance with their own privacy policies.

10. Marketing Communications

We may send marketing communications by email, message, or other channels only where you have given consent.

You can opt out at any time by:

• Using the unsubscribe option (where provided), or
• Contacting us in writing

11. Cookies, Analytics, and Advertising

Our website may use cookies and advertising or analytics tools, including services provided by Google and Meta (Facebook and Instagram), to promote our services, understand general website usage, and improve performance and user experience.

Further details are provided in our Cookie Policy (where available).

12. Sharing Your Data

We do not sell your personal data.

Your data may be shared only where necessary, for example with:

• Booking and payment service providers
• Website and IT service providers
• Insurance providers (in the event of a claim)
• Legal or regulatory authorities where required by law

All third parties are required to handle data securely and lawfully.

13. Your Rights Under UK GDPR

You have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request deletion of data (where legally permissible)
• Restrict or object to processing
• Withdraw consent at any time
• Lodge a complaint with the Information Commissioner’s Office (ICO)

Requests must be made in writing to: info@beautyarts.co.uk

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or service changes. The most current version will always be available on our website.

15. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us in writing at:

• Email: info@beautyarts.co.uk
• Address: 48A Seafield Road, Southampton, SO16 9NT, United Kingdom