Privacy and Data Statement of Rights for GDPR
At Progressive Lash Pro, we prioritise the privacy and protection of your personal data. This Privacy and Data Statement outlines how we collect, use, share, and protect your personal information in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
1.1.1 Data we collect
We may collect the following types of personal data:
Contact Information: Name, email address, phone number, and any other information you provide when contacting us or subscribing to our services.
Payment Information: Billing address, payment card details, and other necessary information for processing payments when you make a purchase.
Communication Data: Records of your interactions with us, including emails, messages, and customer support inquiries.
Website Usage Data: Information about how you use our website, such as your IP address, browser type, pages visited, and referring website.
1.1.2 Who do we share your personal data with?
We may share your personal data with the following parties:
Service Providers: Trusted third-party service providers who assist us with website hosting, payment processing, email delivery, data analysis, or customer support. These providers are obligated to keep your personal data confidential.
Legal Compliance: When required by law or to protect our rights, property, or safety, we may disclose personal data to relevant authorities or other parties.
1.1.3 Other documents
PRIVACY AND PERSONAL DATA PROTECTION POLICY
2.1 THE GENERAL DATA PROTECTION REGULATION
We adhere to the General Data Protection Regulation (GDPR) and other applicable data protection laws in the UK to ensure that your personal data is processed lawfully, fairly, and transparently.
The terms used in this Privacy and Data Statement have the same meanings as defined in the GDPR. Please refer to the GDPR for detailed definitions.
2.3 PRINCIPLES RELATING TO PROCESSING OF PERSONAL DATA
We adhere to the principles of the GDPR when processing your personal data, including lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, and confidentiality.
2.4 RIGHTS OF THE INDIVIDUAL
As an individual whose personal data we process, you have certain rights under the GDPR. These rights include:
Right to Access: You can request access to the personal data we hold about you.
Right to Rectification: You can request the correction or updating of any inaccurate or incomplete personal data we have about you.
Right to Erasure: You can request the deletion of your personal data in certain circumstances.
Right to Restriction of Processing: You can request the restriction of processing of your personal data under certain conditions.
Right to Data Portability: You can request a copy of your personal data in a structured, commonly used, and machine-readable format.
Right to Object: You can object to the processing of your personal data in certain situations.
For more information on how to exercise your rights, please refer to Section 2.11.
2.5 LAWFULNESS OF PROCESSING
2.5.2 Performance of a Contract
We may process your personal data when it is necessary for the performance of a contract or agreement between you and Progressive Lash Pro. This includes processing your personal data to fulfil your requests and provide the services you have subscribed to. Failure to provide the required personal data may result in the inability to fulfil our contractual obligations.
2.5.3 Legal Obligation
In certain circumstances, we may be required to process your personal data to comply with legal obligations, such as tax or accounting requirements. We will only process the necessary personal data for these purposes and ensure compliance with relevant laws and regulations.
2.5.4 Vital Interests of the Data Subject
Processing your personal data may be necessary to protect your vital interests or the vital interests of others. This includes situations where we need to process your personal data to protect your health, safety, or well-being.
2.5.5 Task Carried Out in the Public Interest
We may process your personal data when it is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us. This may include processing personal data for research, statistical, or public health purposes.
2.5.6 Legitimate Interests
We may process your personal data based on our legitimate interests, provided that such processing does not override your rights and freedoms. Our legitimate interests may include improving our services, understanding customer needs and preferences, preventing fraud, and ensuring the security of our systems and operations.
2.6 PRIVACY BY DESIGN
We are committed to implementing privacy by design and data protection principles from the early stages of any data processing activities. We strive to integrate privacy and data protection measures into our systems, products, and processes to ensure the highest level of data protection.
2.7 CONTRACTS INVOLVING THE PROCESSING OF PERSONAL DATA
When engaging third-party service providers or entering into contracts involving the processing of personal data on our behalf, we ensure that appropriate data protection agreements and safeguards are in place. These agreements outline the responsibilities of each party in protecting personal data and ensure compliance with applicable data protection laws.
2.8 INTERNATIONAL TRANSFERS OF PERSONAL DATA
In some cases, we may transfer your personal data to recipients located in countries outside the European Economic Area (EEA). When such transfers occur, we will take appropriate measures to ensure the protection of your personal data, such as implementing standard contractual clauses or relying on an adequacy decision by the European Commission.
2.9 DATA PROTECTION OFFICER
As a small business, Progressive Lash Pro is not required to appoint a Data Protection Officer (DPO) under the GDPR. However, we are committed to handling your personal data in accordance with applicable data protection laws and regulations.
2.10 BREACH NOTIFICATION
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and affected individuals in accordance with our legal obligations.
2.11 ADDRESSING COMPLIANCE TO THE GDPR
If you have any questions, concerns, or requests related to the processing of your personal data or would like to exercise your rights as described in Section 2.4, please contact us using the details provided at the end of this statement. We will respond to your inquiries and handle your requests in a timely and compliant manner.
3.2 WHAT COOKIES DO WE USE?
We use the following types of cookies on our website:
Necessary Cookies: These cookies are essential for the functioning of our website and enable you to navigate and use its features. They are usually set in response to your actions, such as accessing secure areas of the site or filling out forms. Without these cookies, certain services and functionalities may be unavailable.
Analytical Cookies: These cookies help us understand how visitors interact with our website by collecting information in an anonymous form. We use this data to analyse website traffic, identify popular pages, and improve the overall user experience. The information collected is aggregated and does not personally identify you.
Functional Cookies: These cookies allow our website to remember choices you make and provide enhanced functionalities and personalization. They may be set by us or by third-party providers whose services we have added to our pages. These cookies enable us to customize your experience and remember your preferences.
Marketing Cookies: We may use marketing cookies to track your browsing activities and interests in order to deliver personalized advertisements and promotional content. These cookies may be set by us or by third-party advertising partners. They are used to build a profile of your interests and show you relevant ads on other websites.
You have the option to control and manage cookies through your browser settings. Please note that blocking or disabling certain cookies may impact the functionality and performance of our website.
4.1 LINKS TO OTHER WEBSITES
Our website may contain links to other third-party websites. Please note that we have no control over the content, privacy policies, or practices of these websites. We encourage you to review the privacy statements of any external websites you visit.
If you have any questions, concerns, or requests regarding our privacy and data protection practices, or if you wish to exercise your rights as outlined in this statement, please contact us at:
Progressive Lash Pro
Owner: Sian Gibbs
We are committed to protecting your privacy and ensuring the security of your personal data in accordance with applicable data protection laws and regulations.