PRIVACY POLICY

The Isle is committed to ensuring the privacy of our clients and website visitors. This policy explains what personal data we may collect about you when you interact with us and how we use it.

[ Our Promises ]
• Service: We will only use your data to improve your experience of our services
• Patient Safety: We will only use your sensitive personal data to ensure your care and safety
• Keep in touch: We will only contact you about things you have told us you’re interested in

[ Who Are We? ]
The Isle is a Health, beauty and wellbeing salon based in Wedmore, Somerset. The website we operate and this policy refer to is www.theislesomerset.co.uk For simplicity, “we” and “us” means The Isle.

Madeline Bond, salon owner and therapist of The Isle is the data controller in relation to the processing of personal information that you provide us when using our services. You can contact Madeline directly: info@theislesomerset.co.uk

Or write to: Miss Madeline Bond, Data protection officer.
The Isle
Swallow Barn
Lineage
Lascot Hill
Wedmore
Somerset
BS28 4QT

[ Your Personal and Sensitive Personal Data ]
Under data protection legislation, the data that organisations hold about you can be categorised as follows:
Personal Data: This is data related to an identifiable person or data that can be used to identify a distinct individual. Examples of personal data we collect and process include names, email addresses, location, and telephone numbers. Where this policy states “your data/your personal data” we are referring to Personal Data unless otherwise stated.

Sensitive Personal Data: Sometimes referred to as “Special Category Data”, this is data that is deemed to be more sensitive than the above personal data. For example, medical records, genetics, biometric data, details of ethnicity, sexual orientation. We only use this data for the purposes of your treatment and to ensure you care and safety as a client. We will usually ask for your consent to collect or process this data, though there may be instances where we are required or permitted to do so by applicable law (eg. To comply with public health requirements). We never use your sensitive personal data for marketing purposes.

[ The Legal Bases We Rely On ]
Under data protection legislation, organisations must have one of a number of reasons for processing your personal data. Below we outline the bases we use and an example of the purpose for which it is used:

  • Consent: In some situations, we ask for your consent to process your data for the purpose we have identified.
  • For example, we ask you to tick a box on our enquiry form to receive our special offer and discount emails.
  • As a patient you may be asked for consent to allow us to collect sensitive personal data about you to ensure your safe treatment and care.
  • Contractual obligations: Sometimes we may need your data to fulfil our obligations.
  • For example, if you wish to book an appointment we may need your payment details, address and contact details to process payment and secure your booking.
  • Legal compliance: There may be some situations where we are required by law or regulatory bodies to process your data
  • For example, we may require you provide proof of ID and age where the law requires.
  • Gathering information as part of investigations by regulatory bodies or in connection with legal proceedings or requests.
  • Legitimate Interests: In some situations we require your data to pursue our interests in a way which might reasonably be expected as part of running our business and which does not significantly impact your rights or freedom.
  • For example, we will use the contact details you provide, to call/SMS/email you regarding your enquiry and provide you with targeted relevant information.

[ When Do We Collect Your Personal Data? ]

  • When you send us an enquiry email through our website
  • When you communicate with us by phone or email or instant messaging systems
  • When you engage with us on social media
  • When you interact (open/click) with our emails
  • When you request further information from us
  • When you arrange appointments with staff
  • When you attend appointments and as part of the consultation process
  • When you make payments to us or require a refund
  • When you fill in any forms in the salon
  • When you complete any surveys we send you
  • When you review our services
  • When you refer a friend

[ What Personal Data Do We Collect? ]

  • Whilst using our website you may submit information to us via an enquiry form. This may include your name, email address, phone number and postcode. We require this information to contact you regarding your enquiry and to better understand demand for our services.
  • Details of your interactions with us through our salon phone. For example, we may make note of conversations and maintain phone call logs.
  • Copies of documents you provide to prove your age or ID where the law or company policy requires.
  • Payment details.
  • Personal details which help us make suggestions. For example, you may indicate that you have a particular skin condition or concern, which we will use to recommend treatments.
  • Your reviews, survey responses and comments.

[ How and Why Do We Use Your Personal Data? ]
We want to give you the best possible experience from your very first interaction with us. One way to achieve this is to better understand who you are by collecting data about you.

We use this to make improvements to our service and to communicate information that you are likely to be interested in.

There are many cases where we are required to collect and process data about you either to fulfil our contractual obligations to you or to comply with the law.

We use your personal data for the following purposes:

  • To contact you regarding your enquiry – we have to collect and process your data in order to fulfil your request for further information or to book an appointment.
  • To provide you with further information about the subject of your enquiry so you understand your options and can make an informed decision.
  • To remind you by email to book subsequent appointments for a treatment you have previously had which requires ongoing review.
  • With your consent, we will send you special offers and news via email – to keep you up to date with our promotions.
  • To contact you regarding your appointments and treatments – we want to make sure you don’t miss your appointments.
  • To take payment and process refunds.
  • To provide customer service and support.

[ How We Protect Your Data ]
We take the security of your data seriously and take all appropriate steps to protect it from unauthorised access, loss and misuse. We never sell any of your personal data for any purpose. Any sensitive personal data we may collect (such as medical records) is never used for marketing purposes and access to such data is further restricted.

[ How Long Do We Keep Your Data? ]
We only keep your data for as long as is necessary to fulfil the purpose for which it was collected. At the end of the period, your data will either be deleted or anonymised so that it can be used in a non-identifiable way for statistical analysis which helps us make improvements to our service and business.

[ Who Do We Share Your Personal Data With? ]
We never sell your data to any third parties. We want to maintain your trust as a reputable company and believe this is essential to ensure this. However, we do use third parties to support, manage or deliver some of our day to day business services.

As a result, we may share non-sensitive personal data (such as phone numbers, email address) with the following type of companies we work with:

  • Companies that help us deliver our emails and electronic communications to you.
  • Companies that support our website, phone handling and other IT/business systems.
  • Companies that provide analytics services.
  • Facebook and Instagram to show you our services that might interest you whilst you’re browsing the internet or on social media platforms. This is based on your acceptance of cookies on our websites.

We select these companies carefully and take precautions to keep your data safe and protect your privacy:

  • We only provide the data they need to perform the services we require.
  • They may only use your data for the purposes we specify and agree with them.

[ What Are Your Rights? ]
You have many rights relating to your personal data including:

  • The right to access the personal data we hold about you.
  • The right to request the correction of inaccurate data about you. If we hold inaccurate or out of date information about you, you can request that we change or update it.
  • The right to request that we delete your data or stop processing it – in some instances such as where we no longer need it, we can delete your personal data.
  • The right to withdraw your consent – Whenever you have given us your consent to use your personal data, you have the right to change your mind and tell us.

Please note there may be instances where we refuse your request for any of the above (unless otherwise stated) where we have a strong overriding reason or are legally obliged to.

If you wish to exercise any of your rights, have a complaint or questions about this policy, please see the “Who are we?” section for contact details.

[ How to Stop Marketing mMssages From Us ]
There are several ways you can stop receiving marketing messages from us:

Please note these actions will only stop emails that are not related to booking confirmation/ payment confirmation/ medical aftercare. You may still receive email correspondence from The Isle staff; for example emails to confirm your appointments.

  • Clicking the “unsubscribe” link at the top or bottom of any of our marketing emails
  • Send a request to unsubscribe by replying directly to any of our marketing emails

In most cases your request will be processed immediately but occasionally it may take a few days to take effect so you may still receive emails from us during this time. If you have previously unsubscribed but change your mind and wish to be included in our emails again, please call us or let a member of staff know. We will email you a request which you need to open and accept to start receiving our emails again.

[ Children ]
We do on occasion collect data on clients who are under the age of 16 with consent from either a guardian or parent. If you are a parent or guardian of a child under the age of 16 and think that we may have information relating to that child, please contact us. We will ask you to prove your relationship to the child but if you do so you may (subject to applicable law) request access to and deletion of that child’s personal data.

[ Changes to This Privacy Policy ]
We may update this privacy policy from time to time to reflect how we use your personal data. We will notify you by e-mail (if we hold your email details) of any significant changes but we encourage you to review this policy regularly to stay informed of how we use your data.

[ Complaints ]
If you have concerns about aspects of the way your data has been handled or used by us and are not satisfied with our response, you can report your concerns to the UK Information Commissioner Office (ICO). Details of how to do this are on the ICO website (https://ico.org.uk)

[ Any Questions? ]
We hope this privacy policy has been helpful in setting out the way we handle your personal data and your rights. If you have any questions that haven’t been covered, please contact our Data Protection Officer at: info@theislesomerset.co.uk

Or write to:
Miss Madeline Bond
The Isle
Swallow Barn
Lineage
Lascot Hill
Wedmore
Somerset
BS28 4QT

This policy was last updated on the 22nd May 2018.