Privacy Policy
Last updated: March 2025. Adapt this text to your business and jurisdiction.
1. Who we are
This website is operated by the business named in the site header (âweâ, âusâ). For data protection questions, contact us using the email or address published in your booking confirmations or on this site.
2. Data we collect
When you request a booking, we process: your name, email address, phone number, chosen services, date and time, and any notes you provide. Technical data (e.g. IP address, browser type) may be processed by our hosting and analytics providers as described in their policies.
3. Purposes and legal bases
We use your data to handle booking requests, communicate about your appointment, and improve our service. Under the GDPR, we rely on performance of a contract (taking steps at your request before a contract), and where applicable legitimate interests (e.g. fraud prevention, IT security).
4. Storage and retention
Data is stored on secure infrastructure (e.g. cloud services). We keep booking and customer data only as long as needed for appointments, legal obligations, and legitimate business purposes, then delete or anonymise it.
5. Sharing
We may share data with processors that help us run this site and email (e.g. hosting, email delivery), under contracts that require them to protect your data. We do not sell your personal data.
6. Your rights
Depending on applicable law, you may have rights to access, rectify, erase, restrict or object to processing, and data portability. You may withdraw consent where processing is consent-based. See also our GDPR information page.
7. Cookies
We use only essential cookies or local storage needed for the site to function (e.g. language preference). If we add non-essential cookies, we will update this policy and, where required, ask for your consent.
8. Changes
We may update this policy. The âlast updatedâ date will change; continued use of the site after changes constitutes notice where the law allows.
9. Booking requests, confirmations, and email
When you submit a booking request, you ask us to process your data to handle that request. If the salon confirms your appointment, we use your email address to send confirmation and related messages (including cancellation or change notices where applicable). Those messages are service-related, not marketing, unless we ask for separate consent. Staff may also contact you using the phone number you provide if needed for your appointment.
Terms of use (online booking)
Last updated: March 2026. Adapt to your business and jurisdiction.
1. The service
These terms apply when you use this website to request an appointment. Submitting a request does not guarantee a booking; the salon may accept or decline based on availability and its policies.
2. Your information
You agree to provide accurate contact details. We process your data as described in our Privacy Policy to handle your request and send transactional emails about your appointment.
3. Cancellations and changes
Cancellation and rescheduling rules (including any fees or notice periods) are set by the salon and may be communicated by email, phone, or on site. Use the options provided in your confirmation email where available.
4. Acceptable use
Do not misuse the booking system (for example false bookings, harassment, or attempts to compromise the site). We may refuse service or block abuse.
5. Limitation of liability
The site is provided to help you request appointments. To the extent permitted by law, we are not liable for indirect losses or events outside our reasonable control. Nothing in these terms limits rights you may have under mandatory consumer or data protection law.
6. Changes
We may update these terms. The date above will change; continued use of the booking feature after updates constitutes your acceptance where the law allows.
GDPR & data protection
GDPR information for the EEA.
Controller
Controller text.
Data protection officer (DPO)
DPO text.
Categories of personal data
Categories text.
Purposes and legal bases
Legal bases text.
Recipients and transfers outside the EEA
Transfers text.
Subprocessors
We engage the following categories of processors to deliver this service.
| Processor |
Role |
Typical locations |
Further information |
| Google Ireland Limited / Google LLC |
Firebase: Hosting, Firestore, Cloud Storage, Authentication |
EU, UK, USA, global infrastructure |
Firebase & Google Cloud privacy |
| Resend, Inc. |
Transactional email delivery |
USA |
Resend privacy policy |
Retention
Retention text.
Record of processing activities
Art. 30 text.
Security of processing
Art. 32 text.
Personal data breaches
Arts. 33â34 text.
Children
Children text.
Your rights (summary)
Rights summary.
How to exercise your rights
Send an email with your request.
Response time note.
Automated decision-making
No automated decisions.
Whether you must provide data
Required fields.