What Information Do We Need?
We need your contact details, your: name, phone number, address, postcode and email address. We will also need information about your age and health in order for a treatment to go ahead.
Why Do We Need It, How Will We Use It and How Long Will We Retain It?
We need all the details above in order to ensure that it is safe for us to provide the treatments you may ask for and also for insurance purposes. We will store your information for 7 years after the date of your treatment, or for 7 years after you have reached the age of 18 if you are/were under 18 when your treatment took place. Our lawful basis for processing this personal information is ‘contract’, this means that we have a legal reason to ask you for your data because we need it for contractual reasons. You do not have to share your personal data with us, but if you do not we cannot offer you a treatment with Bewitching Beauty. You must fulfil your side of the contract (share your personal information) in order for us to fulfil ours (carry out treatment).
When you provide me with your personal information in the course booking an appointment, completing your massage intake form, making a payment or contacting me about my services, you are giving your consent to me collecting that information and using it for that specific reason.
I will not use your personal information for any secondary reason, like marketing, unless I have asked you directly for consent to do so.
How do I withdraw my consent?
For legal protection, I am required to hold the personal information you have given to me in the course of provide you with massage services and the notes about those treatments for a minimum of 7 years.
7 years after your last treatment I will permanently delete all your personal information that I hold.
If you withdraw your consent during the 7 year retention period, I will archive your data until the 7 year period expires.
Whilst your information is archived, I will not access or process it in any way accept if needed for legal protection or if I'm required to do so by law.
Should you wish to withdraw your consent at any time please email with your request.
How can I access, update or amend my personal information?
You have the right to review the personal information I store about you and your massage sessions. You also have the right to request I update or amend your data if it is incorrect.
To action any of these rights you can email your request to .
I may disclose your personal information if I am required to do so by law or if you violate my Terms and Conditions of service.
DATA HANDLING AND STORAGE
My appointment booking and document service is provided by Wix. They specialise in the secure collection, processing and storage of personal data for medical professionals and therapists.
Your data is stored through Wix using their data storage facilities, databases and the Wix web framework.
Your data is stored on secure servers behind a firewall and is always encrypted when in storage and whilst being transmitted across the internet.
I never store your credit card details, it is always stored by a third party such PayPal.
Paypal offer a service where by you can pay for your appointment quickly using credit or debit card details previously stored with them. I can't see your stored card details or information.
PayPal adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
In general, the third-party providers I use will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to me.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information I am required to provide to them for your purchase-related transactions.
For these providers, I recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or me. If you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in the UK and your transaction is processed by a payment gateway located in the United States, then your personal information used to complete that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click links on my website, they may direct you away from my website. I am not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
To protect your personal information, I take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, I follow all PCI-DSS requirements and implement additional generally accepted industry standards.
If this business is acquired or merged with another business, your information may be transferred to the new owners so that they may continue to provide you with the massage services you have requested.
QUESTIONS AND CONTACT INFORMATION
To request your information is updated, amended or deleted, or if you have any questions about how your information is collected, stored and used, please email firstname.lastname@example.org.
Who Can I Complain to If I Feel You Are Not Handling My Data Correctly?
LEGAL BASIS FOR STORING DATA
This information is collected by Bewitching Beauty in accordance with the guidelines set out in the General Data Protection Regulation (GDPR), Articles 6.1(b), 9.2(h) and 9.3
Bewitching Beauty trading names: Bewitching Beauty, Bewitching Beauty On Arran.