privacy

Grounds for data collection

Processing of your personal information

“Personal Information” means any information that may potentially allow your identification with reasonable means.

We will only process your personal information where we have a lawful basis to do so under UK data protection law. For Ellena’s Brows and Lashes this will usually be because:

It is necessary for the performance of a contract with you
For example, when you book an appointment, create or manage a booking, request information, or ask us to provide treatments or related services.

We have your consent
For example, when you ask to join a mailing list, agree to receive marketing messages, or consent to the use of certain cookies or similar technologies. You can withdraw your consent at any time.

It is necessary for us to comply with a legal obligation
For example, keeping records for tax, accounting and insurance purposes, or complying with requests from regulators and law enforcement.

It is in our legitimate interests and your rights do not override those interests
For example, to run and improve our website at ellenas.co.uk, respond to enquiries, manage our relationship with clients, maintain salon security and safety, and protect our business from fraud or misuse.

We only collect and use the Personal Information that is necessary for these purposes and will not process your data in a way that is incompatible with them.

is necessary for the performance of our contractual obligations towards you and providing you with our services, to protect our legitimate interests and for compliance with legal and financial regulatory obligations to which we are subject.

When you use the Site, you consent to the collection, storage, use, disclosure and other uses of your Personal Information as described in this Privacy Policy.

We encourage our Users to carefully read the Privacy Policy and use it to make informed decisions.

What information we collect?

We collect two types of data and information from Users.

The first type of information is un-identified and non-identifiable information pertaining to a User(s), which may be made available or gathered via your use of the Site (“ Non-personal Information ”). We are not aware of the identity of a User from which the Non-personal Information was collected. Non-personal Information which is being collected may include your aggregated usage information and technical information transmitted by your device, including certain software and hardware information (e.g. the type of browser and operating system your device uses, language preference, access time, etc.) in order to enhance the functionality of our Site. We may also collect information on your activity on the Site (e.g. pages viewed, online browsing, clicks, actions, etc.).

The second type of information is Personal Information, which is individually identifiable information; in other words, information that identifies an individual or may, with reasonable effort, identify an individual. Such information may include, for example:

Device Information
When you visit our Site, we may collect certain technical data from your device. This can include your IP address, browser type, operating system, approximate geolocation data, unique identifiers (such as device ID) and information about how you interact with the Site (pages viewed, time spent, clicks). This is usually collected through cookies or similar technologies and is used for security, analytics and to improve the Site.

Contact and Booking Information
When you make an enquiry or book an appointment, you may be asked to provide details such as your full name, email address, telephone number, preferred appointment time and any relevant notes relating to your treatment.

Consultation and Patch Test Information
For certain brow and lash treatments we may record information you provide about your health history, allergies and patch test results, so that we can safely provide our services and meet our insurance and legal obligations.

Payment Information
If you pay for a service online, we may receive limited payment-related information (such as payment confirmation and billing details) from our payment provider. We do not store your full card details on our systems.

Communication Records
We may keep records of emails, messages sent via the Site, social media messages or other communications you send to us, so we can manage your enquiries, appointments and any follow-up.

Marketing Preferences
If you choose to join any mailing list or agree to receive updates from us, we will store your name, contact details and your marketing preferences.

We only collect the Personal Information that is relevant and necessary for the purposes set out in this Privacy Policy.

What information we collect and how we use it

We do not rent, sell or share Users’ information with third parties except as described in this Privacy Policy.

We may use the information we collect for the following purposes:

Communicating with you
To contact you about your enquiries and bookings, send appointment confirmations and reminders, reschedule or cancel appointments, and respond to any customer service or aftercare questions you may have.

Providing and managing our services
To book and manage your treatments, record relevant consultation and patch test information, and provide safe brow and lash services tailored to you.

Keeping you informed
Where you have asked us to, to send you updates about our services, changes to opening hours or policies, and other information that may be relevant to your appointments.

Marketing and updates
With your consent where required, to send you occasional marketing messages about new treatments, special offers or news from Ellena’s Brows and Lashes, and to manage your marketing preferences.

Website operation and improvement
To operate, maintain and improve our Site at ellenas.co.uk, including monitoring how it is used, fixing issues, testing features and keeping it secure.

Analytics and statistics
To carry out statistical and analytical work that helps us understand how clients use the Site and our services, so we can improve the user experience and our business.

In addition to the different uses listed above, we may transfer or disclose Personal Information to our subcontractors and trusted service providers, but only where this is necessary and subject to appropriate safeguards.

We may share Personal Information with our trusted third party providers, who may be located in different jurisdictions, for any of the following purposes:

Hosting and operating our Site
For example, website hosting companies and platforms that store and display our website content.

Online booking and enquiries
Providers that help us manage online bookings, contact forms or enquiry systems, so we can process your appointments and respond to messages.

Payment processing
Secure payment processors or financial service providers that handle payments on our behalf. We do not store your full card details on our own systems.

Email and communications services
Providers that send emails, appointment reminders or newsletters on our behalf, where you have requested or consented to receive these.

Analytics and technical diagnostics
Services that help us understand how our Site is used, diagnose technical problems and improve performance.

Marketing and advertising support
Where applicable, carefully chosen third parties that help us deliver and measure online advertising or promotional campaigns, for example on search engines or social media, in line with your cookie and marketing preferences.

We require all such third party providers to use your Personal Information only for the purposes for which it was supplied and to handle it in accordance with applicable data protection laws.

We may also disclose information if we have a good faith belief that disclosure of such information is helpful or reasonably necessary in order to:

Comply with any applicable law, regulation, legal process or governmental request.

Enforce our policies, including our terms and conditions, and investigate potential violations.

Investigate, detect, prevent or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues.

Establish or exercise our legal rights or defend against legal claims.

Prevent harm to the rights, property or safety of us, our users, you or any third party.

Cooperate with law enforcement agencies or other authorities, including where we consider it necessary to protect or enforce intellectual property or other legal rights.

User Rights

You may request to:

Receive confirmation as to whether or not personal information concerning you is being processed, and access your stored personal information, together with supplementary information.
Receive a copy of personal information you directly volunteer to us in a structured, commonly used and machine-readable format.
Request rectification of your personal information that is in our control.
Request erasure of your personal information.
Object to the processing of personal information by us.
Request to restrict processing of your personal information by us.
Lodge a complaint with a supervisory authority.

Retention

We will retain your personal information for as long as necessary to provide our services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods will be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time. Under applicable regulations, we will keep records containing client personal data, account opening documents, communications and anything else as required by applicable laws and regulations.

We may rectify, replenish or remove incomplete or inaccurate information, at any time and at our own discretion.

Cookies

We and our trusted partners use cookies and other technologies in our related services, including when you visit our Site or access our services.

A "cookie" is a small piece of information that a website assign to your device while you are viewing a website. Cookies are very helpful and can be used for various different purposes. These purposes include allowing you to navigate between pages efficiently, enable automatic activation of certain features, remembering your preferences and making the interaction between you and our Services quicker and easier. Cookies are also used to help ensure that the advertisements you see are relevant to you and your interests and to compile statistical data on your use of our Services.

The Site uses the following types of cookies:

a. 'session cookies' which are stored only temporarily during a browsing session in order to allow normal use of the system and are deleted from your device when the browser is closed;

b. 'persistent cookies ' which are read only by the Site, saved on your computer for a fixed period and are not deleted when the browser is closed. Such cookies are used where we need to know who you are for repeat visits, for example to allow us to store your preferences for the next sign-in;

c. 'third party cookies' which are set by other online services who run content on the page you are viewing, for example by third party analytics companies who monitor and analyze our web access.

Cookies do not contain any information that personally identifies you, but Personal Information that we store about you may be linked, by us, to the information stored in and obtained from cookies. You may remove the cookies by following the instructions of your device preferences; however, if you choose to disable cookies, some features of our Site may not operate properly and your online experience may be limited.

We also use a tool called “Google Analytics” to collect information about your use of the Site. Google Analytics collects information such as how often users access the Site, what pages they visit when they do so, etc. We use the information we get from Google Analytics only to improve our Site and services. Google Analytics collects the IP address assigned to you on the date you visit sites, rather than your name or other identifying information. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Google’s ability to use and share information collected by Google Analytics about your visits to this Site is restricted by the Google Analytics Terms of Use and the Google Privacy Policy .

Third party collection of information

Our policy only addresses the use and disclosure of information we collect from you. To the extent you disclose your information to other parties or sites throughout the internet, different rules may apply to their use or disclosure of the information you disclose to them. Accordingly, we encourage you to read the terms and conditions and privacy policy of each third party that you choose to disclose information to.

This Privacy Policy does not apply to the practices of companies that we do not own or control, or to individuals whom we do not employ or manage, including any of the third parties which we may disclose information as set forth in this Privacy Policy.

How do we safeguard your information?

We take great care in implementing and maintaining the security of the Site and your information. [explain about your security practices, such as: we employ industry standard procedures and policies to ensure the safety of the information we collect and retain, and prevent unauthorized use of any such information, and we require any third party to comply with similar security requirements, in accordance with this Privacy Policy] . Although we take reasonable steps to safeguard information, we cannot be responsible for the acts of those who gain unauthorized access or abuse our Site, and we make no warranty, express, implied or otherwise, that we will prevent such access.

We may use a third-party advertising technology to serve advertisements when you access the Site. This technology uses your information with regards to your use of the Services to serve advertisements to you (e.g., by placing third-party cookies on your web browser).

[Add information regarding opt-out options from personalized advertisements, such as:] You may opt-out of many third-party ad networks, including those operated by members of the Network Advertising Initiative ("NAI") and the Digital Advertising Alliance ("DAA"). For more information about this practice by NAI and DAA members, and your choices regarding having this information used by these companies, including how to opt-out of third-party ad networks operated by NAI and DAA members, please visit their respective websites: http://optout.networkadvertising.org/#!/ and http://optout.aboutads.info/#!/ .

Marketing

We may use your Personal Information, such as your name, email address, telephone number, etc. ourselves or by using our third party subcontractors for the purpose of providing you with promotional materials, concerning our services, which we believe may interest you.

Out of respect to your right to privacy we provide you within such marketing materials with means to decline receiving further marketing offers from us. If you unsubscribe we will remove your email address or telephone number from our marketing distribution lists.

Please note that even if you have unsubscribed from receiving marketing emails from us, we may send you other types of important e-mail communications without offering you the opportunity to opt out of receiving them. These may include customer service announcements or administrative notices.

Minors

We understand the importance of protecting children’s privacy, especially in an online environment. The Site is not designed for or directed at children. Under no circumstances shall we allow use of our services by minors without prior consent or authorization by a parent or legal guardian. We do not knowingly collect Personal Information from minors. If a parent or guardian becomes aware that his or her child has provided us with Personal Information without their consent, he or she should contact us.

Updates or amendments to this Privacy Policy

We reserve the right to periodically amend or revise the Privacy Policy; material changes will be effective immediately upon the display of the revised Privacy policy. The last revision will be reflected in the "Last modified" section. Your continued use of the Platform, following the notification of such amendments on our website, constitutes your acknowledgment and consent of such amendments to the Privacy Policy and your agreement to be bound by the terms of such amendments.

Privacy Policy

Introduction