Taizen Skin Therapy Centre Ltd Privacy Notice
The following privacy notice outlines how Taizen Skin Therapy Centre Ltd (‘we’ or ‘us’ or ‘our’) gathers, processes, and protects personal data, stored on behalf of Data Controllers . Taizen Skin Therapy Centre Ltd is a Beauty Therapy company that provides services and products to clients (the public) by offering an online booking system and the option to receive SMS and e-mail reminders, reviews and promotional offers.
The data protection officer. for the organisation is Nichola Burns.. You can contact the data protection officer by sending an email to firstname.lastname@example.org or writing to Data Protection Officer, Taizen Skin Therapy Centre Ltd, 15 Claremont Road, Whitley Bay, Tyne and Wear, NE26 3TN.
We process your personal information for the purposes laid out in this privacy notice. We act as data processor on behalf of our clients and have access to personal information provided by our clients.
Personal data collected:
We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communications); payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile.
We take your privacy seriously and will never sell or rent your personal data to any third-party. We need to obtain and process your personal data to provide you with our services and online service options and to fulfil our business and legal obligations. We will never collect any personal information from you that we do not need or retain any data that is no longer necessary for the purposes specified in this notice.
Your personal data is collected and processed for the following purposes:
Name & Contact Details
In the performance of a record card to sell and market products or services (name, address, email, contact number, DOB,)
Through legitimate interest to engage in communication with you to provide beauty advice
To contact you with any relevant offers, promotions and services.
As required by law or to respond to legal process.
In the performance of contract to process appointments etc, we store
consultation forms, appointment data and associated notes.
To ensure that we provide you with the correct treatment to suit any medical concerns that you may have
To ensure we provide the correct Health and Safety, advice and modify the treatment or refer you to a G.Por specialist if necessary for your own safety and wellbeing
We collect such Non-personal and Personal Information for the following purposes:
To provide and operate the Services;
To provide our Users with ongoing customer assistance and technical support;
To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;
To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services;
To comply with any applicable laws and regulations.
Rights of the individual
The individual holds a number of rights in relation to the personal information that we hold on them, which includes:
The right to access what personal data we hold about the individual.
The right to be informed of how we are using the individual’s personal data.
The right to request the erasure of the personal data we hold on the
The right to object to us processing the individual’s personal data or restrict us
from processing some or all of the individual’s personal data.
The right to object to direct marketing from us.
The right to request the correction of incorrect information we hold on the
The right to request that we transfer the information we hold on the
individual to another service provider.
If we receive a request from the individual to exercise any of the above rights, we may ask to verify your identity before acting on the relevant request; this is to ensure that your data is protected and kept secure.
Process of collection
When you conduct a transaction on our website, as part of the process, we collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated above only.
Personal data is also provided to us through Phorest software online booking system our website, over the phone, in Taizen Skin Therapy Centre Ltd, by email, social media, in writing or any other means by which it is provided by salons and/or consumers.
Data Sharing & Use of Data Processors
We disclose your personal data to third parties for the purposes of providing a service to you, running our business, and when required by law and to enforce our legal rights. Where we use a third-party, we have strict agreements in place
governing the processing of your personal data, on which no action can be taken without instruction from us.
The third-parties with whom we work will never share or disclose your personal information and will hold it securely at all times. Furthermore, they must process the personal information in accordance with this Privacy Notice and as permitted by applicable data protection laws. We share your personal data with the following categories of companies:
Phorest Software to keep your data safe and to provide you with an online booking service
Professional legal authorities such as the police or the courts if requested by law
How Long Do We Keep Your Data?
Taizen Skin Therapy Centre Ltd retains your personal data for as long as necessary to provide you with our services as our client and under the following criteria:
• Where there is a legal basis, obligation or legitimate interest to continuing processing your personal information
• Where processing is necessary for the establishment, exercise or defence of legal claims
Transfers of personal information
When personal data of persons located in the EU is processed through our Phorest software, all of it is held within the EU. Your information is processed by the Phorest software and stored in the Amazon Web Services cloud infrastructure. During this process your data is encrypted in transit and at rest.
Consequences of not providing your personal information to Taizen Skin Therapy Centre Ltd
In the event that you want to purchase a product or service from Taizen Skin Therapy Centre Ltd , certain personal information is required to enter into a contract with you. You can always choose not to provide personal information. However, Taizen Skin Therapy Centre Ltd may not be able to enter into a contract with you to fulfil an attempt to purchase a product or service if you do not provide your personal information.
Safeguarding your Personal Data
Appropriate measures are taken to protect your personal data from access from unauthorized persons or inappropriate access, internal or external. Your connection to our software system: Phorest uses a HTTP Secure communication protocol and TLS security.
This means all information passed to the Phorest system is encrypted during data input and transfer to the cloud. Any paper files recording your personal data are held in a locked filing cabinet or safe which can only be accessed by authorised personnel.
Our employees are assigned specific access rights through this mechanism and can only access the salon software with the PIN number assigned to them by the management of the salon.
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
We may contact you to notify you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about our company, or as otherwise necessary to contact you to enforce our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and postal mail if you have provided us with these details.
In the occurrence that you want to make a complaint about how your personal data was gathered, how it is being processed by Taizen Skin Therapy Centre Ltd (or third parties used by us) or you are not satisfied about how a complaint has been handled, you retain the right to lodge a complaint directly with the supervisory authority and Taizen Skin Therapy Centre Ltd and also our Phorest Data Protection Officer. Taizen Skin Therapy Centre Ltd would appreciate the opportunity to assist you with your query before raising a complaint with Data Protection authorities.
Taizen Skin Therapy Centre Data Protection Officer/GDPR Owner
The data protection officer for the organisation is Nichola Burns. You can contact the data protection officer by sending an email to email@example.com or by writing to Data Protection Officer, Taizen Skin Therapy Centre Ltd, 15 Claremont Road, Whitley Bay, NE26 3TN.
Changes to our privacy notice
We may change this notice from time to time. All changes will be posted and updated here. We will notify you directly by email (if we hold one for you) if any significant changes occur. We advise you to check back here frequently to review the most current version of this notice.