Privacy Policy
Your privacy is important to us. This policy explains how Flow Beauty & Wellness collects, uses, and protects your personal information.
1. Who We Are
Company: Flow Beauty & Wellness
Address: Clapham, London, United Kingdom
Website: flowbeauty.uk
Email: info@flowbeauty.uk
We are a beauty and wellness salon committed to protecting your privacy and ensuring your personal data is handled in accordance with the General Data Protection Regulation (GDPR) and UK data protection laws.
2. Information We Collect
2.1 Information You Provide
- Contact Information: Name, email address, phone number
- Booking Information: Service preferences, appointment dates and times
- Account Information: Username, password (encrypted), profile preferences
- Communication: Messages sent through our contact forms or email
2.2 Information We Collect Automatically
- Website Usage: Pages visited, time spent, click patterns (via Google Analytics)
- Device Information: Browser type, operating system, IP address
- Cookies: See our Cookie Policy section below
2.3 Third-Party Information
- Fresha Bookings: Booking and customer data from our booking platform
- Social Media: Public information if you interact with our social media accounts
3. How We Use Your Information
3.1 Service Provision
- Processing and managing your bookings
- Providing customer support and responding to inquiries
- Sending booking confirmations and reminders
- Managing your account and preferences
3.2 Business Operations
- Improving our website and services
- Analyzing website usage and customer behavior
- Preventing fraud and ensuring security
- Complying with legal obligations
3.3 Marketing (With Your Consent)
- Sending promotional emails about our services
- Personalizing your website experience
- Showing relevant advertisements
- Measuring advertising effectiveness
4. Legal Basis for Processing
| Purpose | Legal Basis |
|---|---|
| Service provision and bookings | Contract performance |
| Customer support | Contract performance / Legitimate interest |
| Website analytics | Consent (via cookies) |
| Marketing communications | Consent |
| Legal compliance | Legal obligation |
| Security and fraud prevention | Legitimate interest |
5. Cookie Policy
We use cookies to enhance your browsing experience and analyze our website traffic. You can control cookie preferences through our cookie consent banner.
5.1 Types of Cookies We Use
Necessary Cookies (Always Active)
Essential for website functionality and security.
- cookiePreferences: Stores your cookie consent choices
- cookieBannerDismissed: Remembers if you've dismissed the cookie banner
- Session cookies: Maintain your session and login state
Analytics Cookies (Optional)
Help us understand how visitors use our website.
- Google Analytics (G-NE1D8XNK99): Website usage statistics
- Google Ads Conversion (AW-17403737139): Measures booking conversions
- Duration: Up to 2 years
Marketing Cookies (Optional)
Used for personalized advertising and marketing campaigns.
- Advertising cookies: Show relevant ads across the web
- Social media cookies: Enable social sharing features
- Duration: Up to 2 years
6. How We Share Your Information
We do not sell your personal data. We may share information with:
6.1 Service Providers
- Fresha: Booking platform for appointment management
- Google: Analytics and advertising services (with your consent)
- Email providers: For sending communications
- Hosting providers: For website and data storage
6.2 Legal Requirements
We may disclose information if required by law, court order, or to protect our rights and safety.
7. Data Security
We implement appropriate security measures to protect your personal data:
- Encryption: Data transmitted over HTTPS
- Access Controls: Limited access to personal data
- Regular Updates: Security patches and monitoring
- Data Minimization: We only collect necessary information
8. Data Retention
| Data Type | Retention Period | Reason |
|---|---|---|
| Customer accounts | 3 years after last activity | Service provision and legal requirements |
| Booking records | 7 years | Business records and tax obligations |
| Marketing data | Until consent withdrawn | Marketing communications |
| Website analytics | 26 months (Google Analytics) | Business analytics |
| Cookie preferences | 12 months | Remember your choices |
9. Your Rights
Under GDPR, you have the following rights:
π Right to Access
Request a copy of your personal data
βοΈ Right to Rectification
Correct inaccurate or incomplete data
ποΈ Right to Erasure
Request deletion of your data
βΈοΈ Right to Restrict
Limit how we use your data
π¦ Right to Portability
Receive your data in a portable format
π« Right to Object
Object to processing for marketing
How to Exercise Your Rights
To exercise any of these rights, please contact us:
- Email: privacy@flowbeauty.uk
- Subject line: "Data Protection Request"
- Include: Your name, email, and specific request
We will respond within 30 days of receiving your request.
10. International Data Transfers
Some of our service providers may be located outside the UK/EU. When we transfer data internationally, we ensure appropriate safeguards are in place:
- Google (US): Certified under EU-US Data Privacy Framework
- Other providers: Standard Contractual Clauses or adequacy decisions
11. Children's Privacy
Our services are not intended for children under 16. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.
12. Changes to This Policy
We may update this privacy policy from time to time. We will notify you of significant changes by:
- Posting the updated policy on our website
- Updating the "Last updated" date
- Sending email notifications for material changes
13. Contact Us
If you have any questions about this privacy policy or our data practices, please contact us:
General Inquiries
Email: info@flowbeauty.uk
Data Protection
Email: privacy@flowbeauty.uk
Regulatory Authority
You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your data properly. Visit: ico.org.uk