Privacy Policy

How we collect, use, and protect your personal information

Last updated: 14 June 2026

1. Introduction

This privacy policy explains how Hair by Gerry ("we", "us", "our") collects, uses, stores, and protects your personal data when you use this website, contact us, or visit the salon. We are committed to protecting your privacy and handling your data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We are the data controller for the personal information we collect. If you have any questions about this policy or how we handle your data, please contact us using the details below.

2. Data Controller

Hair by Gerry
72 Crawthew Grove, East Dulwich, London SE22 9AB
Email: rfhagemeyer@gmail.com

3. What Information We Collect

3.1 Information you provide directly

  • Contact form submissions: Name, email address, phone number (optional), and the content of your message.
  • Appointment bookings: Online bookings are made through Treatwell, which collects your name, contact details, and chosen appointment. If you book by phone or in person, we record your name, contact details, and the service booked.
  • Consultation notes: Basic notes about your hair, colour history, and any allergy/patch-test results, so we can give you safe, consistent results at future visits.
  • Payment information: Payment amounts, dates, and method of payment. We do not store your card details — card payments are handled by our payment provider.

3.2 Information collected automatically

  • Website usage data: Anonymous information such as which pages are viewed and how many people visit, collected by a privacy-friendly, cookieless visit counter. This does not identify you individually.

4. How We Use Your Information

We use your personal information for the following purposes:

  • To respond to enquiries submitted through the contact form
  • To schedule, confirm, and manage your appointments
  • To provide our services safely (including recording allergy/patch-test results before colour)
  • To process payments for your appointments
  • To comply with legal and accounting obligations
  • To improve this website and the services we offer

5. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Consent: When you submit the contact form, you consent to us processing your data to respond. You can withdraw consent at any time.
  • Contract: Processing is necessary to provide the appointment and services you have requested.
  • Legitimate interest: To improve our website and services, to keep safe consultation records, and to respond to your enquiries.
  • Legal obligation: To comply with accounting and other legal requirements.

6. How We Store and Protect Your Data

We take the security of your data seriously and use appropriate measures to protect it, including:

  • Records are kept securely and access is limited to the salon owner
  • Any paper notes are kept in a secure place
  • This website uses SSL/TLS encryption to protect data sent through the contact form
  • Online bookings and payments are handled by reputable providers with their own security measures

7. How Long We Keep Your Data

  • Contact form enquiries: Up to 12 months after your last contact, unless you become a regular client.
  • Consultation notes: For as long as you remain a client and a reasonable period afterwards, so we can refer back to your colour history.
  • Payment and accounting records: Up to 6 years, as required by HMRC.
  • Website analytics data: Anonymous data is retained for up to 13 months.

8. Sharing Your Data

We will not sell your personal information or share it with third parties except in the following limited circumstances:

  • Booking & payment providers: We use Treatwell for online bookings and a card-payment provider for payments. These companies process data on our behalf under their own GDPR-compliant terms.
  • Website hosting & email: Our website host and email provider process limited data to deliver those services.
  • Legal requirement: If required by law or a court order.
  • With your explicit consent: In any other case, only with your agreement.

9. Cookies

This website uses minimal cookies and a cookieless visit counter. For full details, see our Cookie Policy.

10. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of access: You can request a copy of the personal data we hold about you.
  • Right to rectification: You can ask us to correct inaccurate or incomplete data.
  • Right to erasure: You can ask us to delete your personal data, subject to any legal obligations we have to retain it.
  • Right to restrict processing: You can ask us to limit how we use your data.
  • Right to data portability: You can request your data in a structured, commonly used format.
  • Right to object: You can object to our processing of your data in certain circumstances.
  • Right to withdraw consent: Where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, please contact us at rfhagemeyer@gmail.com. We will respond within one month.

11. Children's Privacy

We are happy to cut children's hair, with a parent or guardian present and consenting. We do not knowingly collect personal information from children under 13 through this website.

12. Complaints

If you have a concern about how we handle your data, please contact us first so we can put it right. You also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk.

13. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date.

Made with by Therapy Webgenie