The data controller is Centred in Beauty Ltd (referred to in this policy as “we” or “us”).
This privacy and cookies policy covers Spa on the Square and PHYTO5 UK as they are trading names of Centred in Beauty Ltd.
We are committed to using best practice and being open and transparent with how we collect, use and protect your personal data.
This Policy applies to you if you use our website, if you contact us or we contact you or if you use our products and services.
Our website contains links to other websites operated by other organisations. These organisations may have their own privacy and cookie policies and we do not accept responsibility or liability for these websites or online applications.
When you use our websites you may provide us with:
Where this is the case, the legal basis for our processing your information is the performance of a contract with you in answering your queries, delivering the service or processing your order.
When you interact with us online or browse our website we may collect:
Where this is the case, the legal basis for our processing of your information is our legitimate interest in improving our services, the performance of our website, growing our business and informing our marketing strategy.
When you contact us or we contact you or you take part in online or social media promotions, competitions, surveys or questionnaires about our services, we may collect:
Where this is the case, the legal basis for processing your data is performance of a contract with you and our legitimate interest to improve our services and the performance of our website, grow our business and inform our marketing strategy.
To manage any accounts you hold with us including your login details, account history or information you send to us through our website, contact forms (including enquiry forms, job opportunities, contact forms or registration forms)
We need to process your personal data so that we can manage your customer accounts, provide you with the services you require and help you with any enquiries, orders and refunds you may ask for.
In order to provide as safe a service as possible we monitor how our websites and online applications are used to detect and prevent fraud, other crimes and the misuse of services.
We may send you relevant updates and offers about our products and services by email or direct mail but only if you have previously agreed to receive this type of communication from us.
Our email marketing provider (MailChimp) may transfer data outside of the EEA and when doing so they ensure that they have adequate levels of protection in place to comply with data protection requirements. MailChimp complies with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. We have signed up to MailChimp’s data processing agreement.
In order to deliver our services to you we work with carefully selected suppliers e.g. online marketing providers, technology and software providers and payment processors.
When we share personal data with our suppliers we require them to keep it safe, and they must not use your personal data for their own marketing purposes.
In some instances this may include working with online marketing providers who place advertising for our services or products on social media channels and other websites and online platforms.
We do not share your data with any organisations other than our suppliers unless:
We take our responsibility for your personal information very seriously. Below are some of the measures we take to keep your data safe:
However, whilst we take appropriate technical and organisational measures to safeguard your personal data, please note that we cannot guarantee the security of any personal data that you transfer over the internet to us.
The length of time we keep your information will depend on what type of information you have provided and for what purpose. Once your information is no longer required (see below for specific details) we will either delete or anonymise your information (remove all personal identifiable information keeping only information needed for statistical purposes). If it is not possible to delete your data (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.
Your account information:
If you have an account with us we will keep your information until you delete your account. Any data which is required for statistical analysis and reporting will be anonymised.
Information you provide to us when you visit us for a treatment:
We are required to collect information regarding your health and any family history of certain conditions in order to ensure we are treating you safely and appropriately. We also keep relevant health notes arising out of treating you or of carrying out a patch test. Our insurers require us to keep this information for a variety of lengths of time depending on the treatment received. Usually this is 7 years. Once this time has passed we will delete or anonymise your data. Please contact us for further information if you have any questions or concerns regarding the way this data is stored, protected or processed.
If you have made a purchase through our website we will keep information regarding your order in line with legal requirements regarding the keeping of company records for accounting purposes. This is currently for 6 years.
Enquiries and form submissions through our website:
If you have made an enquiry, sent us your information or applied for a vacancy through our website or online application we will keep your information on our website server for up to 3 months after which it will be deleted. Your information may be added to our CRM database but only if you give us your permission to stay in touch with you.
Cookies are small data files that allow a website to collect and store data on your desktop computer, laptop or mobile device.
Cookies help us to provide important features and functionality on our website and we use them to improve your experience.
If you choose to disable Cookies when using our website you may find that the site does not work as well as it is designed to for example you may see notifications multiple times.
To help our websites and online applications work well for you
Cookies allow us to remember your preferences and whether you have visited our website or seen a notification.
To improve how our Websites and online applications work
Cookies can help us identify whether our site is working as it is supposed to or if you receive an error message whilst you are using the site.
These types of cookies collect anonymous aggregated data and demonstrate how well our website is performing. E.g. we may collect data on how long visitors stay on our website and how many pages they visit whilst browsing.
Where we have advertised on another organisations’ website you will see the AdChoices icon and you can click on this icon for guidance on how to control your online advertising preferences
Tracking the performance of our online marketing activity
These Cookies may tell us how many times you have seen an advert or visited our website before getting in contact with us and can capture information such as your IP address, your search terms and what website you came from before you visited our website.
Most of the data collected is anonymised and aggregated as statistical information about how well our advertising and website is performing.
What can you do to control or manage what Cookies are used?
You can control the cookies on your device through your browser settings choosing to accept or reject new Cookies or delete existing Cookies. You can also manage whether or not you are notified when a website places Cookies on your device.
For more information about Cookies, how to manage them, reject them or delete them visit the All About Cookies website.
You have the right to contact us and request full details of the personal information we have about you. We encourage you to keep your account information with us accurate and up to date and manage your preferences through the options provided when you are using our services.
If you believe your data is inaccurate or out of date you can contact us and request that it is updated. You can contact us and request that we restrict how we use you data or request that we delete your data. You can also contact us to object to us using your personal data.
If you would like a copy of the information we hold about you please write to:
Centred in Beauty Ltd
Telephone: 01608 670777
We will respond within 30 days.
If you wish to make a complaint about how we have handled your data you can also contact our Data Protection Officer at the address above who will investigate your complaint.
If this does not resolve your issue you can complain to the Information Commissioner’s Office (ICO).