Eyrebrushed Skin Clinic Privacy Policy

Introduction
The following privacy notice outlines how Eyrebrushed Skin Clinic / eyrebrushed.ie (‘we’ or ‘us’ or ‘our’) gathers, processes, and protects your personal data. Eyrebrushed Skin Clinic, 7 William St, Kilkenny is a data controller and processes your personal information for the purposes laid out in this privacy notice.

The data protection officer for Eyrebrushed Skin Clinic can be contacted by sending an email to info@eyrebrushed.ie or writing to 7 William St, Kilkenny.

Purpose and Legal Basis for Processing Your Personal Data
We take your privacy seriously and will never sell or rent your personal data to any third-party.

We need to obtain and process your personal data to provide you with our products, services and treatments, to process a payment if you purchase a service or product from us and to fulfill our business and legal obligations. We will never collect any personal information from you that we do not need or retain any data that is no longer necessary for the purposes specified in this notice. Your information can be also be processed as required by law or to respond to legal process.

Your personal data is collected and processed for the following purposes:

Name and contact details, payment information

  • To perform our contract with you when making purchases.
  • To set up an account for our website.
  • To process payment and prevent fraud.
  • To send you service based messages to perform our contract with you (confirmation, information about your account, a reminder of bookings, review requests, refunds).
  • To deal with any enquires and to resolve any complaints.
  • As part of our legal obligation for business, accounting, tax and insurance purposes.
  • To contact you with any special offers and news from our salon.
  • We ask for your permission to contact you with our special offers and news from our salon. Where you have given us your consent you can withdraw your consent at anytime.
  • Technical processes such as cookies & analytics.

Special Categories of Personal Data Collected
Health questions are asked in many of our consultation forms to deal with treatment queries and to potentially highlight treatments or products that may have a negative effect on your health due to medication you are taking or a health condition you have. Your privacy is very important to us and we only use this information for determining your suitability for the treatment and to provide a safe service.

We put extra safeguards in place to protect special category data to protect it from unauthorised disclosure, unauthorised modification or unauthorised access. We only collect this information from you based on your explicit consent.

Data Collection
We collect personal information from you in a variety of ways:

  • Website forms (forms on our website such as Appointment Check-In / Covid-19 Form or Checkout form);
  • Google Forms;
  • Salon / appointment booking software (Phorest);
  • Cookies (no personally identifiable data, examples include items added to your shopping cart or length of page views).

Children’s Personal Data
We take children’s personal data very seriously and we do not knowingly collect personal data from children below the age of 16 without consent from a parent or guardian. We take great care in protecting the personal data of children. If we discover that we have collected personal data from a child without consent from a parent or guardian we will delete that personal data as soon as practically possible.

Your Rights as the Individual
When we process your personal data you hold a number of rights in relation to how this personal data is processed which includes:

  • The right to access what personal data we hold about you.
  • The right to be informed of how we are using your personal data.
  • The right to request the erasure of the personal data we hold on you.
  • The right to object to us processing your personal data or restrict us from processing some or all of your personal data.
  • The right to object to direct marketing from us.
  • The right to request the correction of incorrect information we hold on you.
  • The right to request that we transfer the information we hold on you to another service provider.
  • The right to lodge a complaint directly with the Data Protection Supervisory Authority about how we process your personal data.

If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the relevant request; this is to ensure that your data is protected and kept secure.

Data Sharing, Third Parties and Data Processors
Our Service may contain links to other websites that are not operated by us. This Privacy Nolicy does not address the privacy policy and other practices of any third parties, including any third party operating any website or service that may be accessible via a link on the Service. We strongly advise you to review the privacy policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

We disclose your personal data to third parties for the purposes of providing a service to you, running our business, and when required by law and to enforce our legal rights. Where we use a third-party, we have strict agreements in place governing the processing of your personal data, on which no action can be taken without instruction from us.

The third-parties with whom we work will never share or disclose your personal information and will hold it securely at all times. Furthermore, they must process the personal information in accordance with this Privacy Notice and as permitted by applicable data protection laws. We share your personal data with the following categories of companies:

  • Third party software companies such as a salon software company to improve the customer experience for you and improve the way we do business.
  • Payment processors and software to facilitate online sales and bookings with us. These companies process your personal data for different purposes to fulfil regulatory requirements.
  • Professional services such as marketing companies to help us run our business and get in contact with you.
  • Accountancy and insurance companies to help us run our business and fulfil our legal obligations.

Payments
We accept payments for online orders via Stripe. When processing payments, some of your data will be passed to Stripe, including information required to process or support the payment, such as purchase total and billing information. Neither Stripe nor Eyrebrushed store your credit card details. Credit card details are encrypted prior to being sent to Stripe for processing.

Please see the Stripe Privacy Policy for more details.

How Long Do We Keep Your Data?
We retain your personal data for as long as necessary to provide you with our services as our client.

The criteria for which we would continue to process your personal information includes:

  • Where there is a legal basis, obligation or legitimate interest to continuing processing your personal information.
  • Where processing is necessary for the establishment, exercise or defence of legal claims.

Cookies
A ‘cookie’ is a small piece of data sent from a website and stored on the user’s computer by the user’s web browser while the user is browsing. When you visit a site that uses cookies for the first time, a cookie is downloaded onto your computer/mobile device so that the next time you visit that site, your device will remember useful information such as items added in the shopping cart, visited pages or login options. A popup on our website will ask you to accept or manage cookies when you visit.

Our website relies on cookies to carry out certain functions and to tailor your user experience. Enabling these cookies is not strictly necessary for the website to work but it will provide you with a better browsing experience. You can delete or block these cookies, but if you do that some features of this site may not work as intended. You can control and/or delete cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.

Please see our full Cookie Policy here

Transfers of Personal Information
When your personal data is processed through our salon software, all of it is held within the European Economic Area (EEA). Your information is processed by the salon software and stored in the Amazon Web Services cloud. During this process your data is encrypted in transit and at rest.

Consequences of Not Providing Your Personal Information to Us
In the event that you want to purchase a product or service from us, certain personal information may be required. You can always choose not to provide personal information. However, we may be unable to provide some/all products, services and treatments in these instances.

Marketing Messages
As mentioned above, we may contact you by SMS or Email to let you know about any special offers, promotions or with news about our products and services.

You can opt out from marketing at any time by:

  • Clicking unsubscribe on any email or by responding to instructions with each SMS.
  • Contacting our team at info@eyrebrushed.ie

Please note, it may take a number of days to process your request.

Safeguarding your Personal Data
Appropriate measures are taken to protect your personal data from access from unauthorized persons or inappropriate access, internal or external.

Members of our team have access to all the information you provide us.

Your connection to Google Forms and Phorest salon software to make bookings both use a secure connection. All information passed to these third parties is encrypted during data input and transfer to the cloud.

Any paper files recording your personal data are held in a locked filing cabinet or safe which can only be accessed by authorised personnel in the salon. Employees are only assigned specific access rights and can only access the salon software with the PIN number assigned to them by the management of the salon.

Questions About Data Protection
In the occurrence that you have any questions or want to make a complaint about how your personal data was gathered, how it is being processed or if you are not satisfied about how a complaint has been handled, you can get in contact with us.

Eyrebrushed Skin Clinic
info@eyrebrushed.ie
7 William St, Kilkenny R95VHN7