Who we are
Our website address is: https://rococotorquay.co.uk.
What personal data we collect and why we collect it
Why do we collect personal information?
We endeavour to keep the amount of personal information we request to a minimum at all times. Any data that’s shared with us is used only to to deliver an expected service. We seek your consent to the processing of information about you. Consent for the purpose in which you supply your data will be determined by the situation in which you give this information. For example, if you email us, you will necessarily be supplying us with information which we can use to book your appointment.
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
We are committed to ensuring that your privacy is protected and this Privacy Policy sets out how we gather, use and protect any information that you give to us when you use this website. We may make changes to this policy from time to time by updating this page, so please check back occasionally to ensure that you are happy. In dealing with your personal data, we will comply with relevant legislation in force in England and Wales. This policy is effective from 14th May 2018.
Depending on the type of contact we have with you (for example, whether you are using our contact form to get in touch, or you’re just browsing) we might collect the following types of information:
- Identification of your past and current visits by finding and using cookies residing on your machine.
- Your name.
- Your contact information including an email address.
- Information obtained from your social media profiles registered with us.
- Demographic information such as postcode, preferences and interests.
- Other information relevant to customer surveys and/or offers.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Cookies
If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Social Media Data Gathering
Social media data gathering is done via technology we employ to help us identify when you may have encountered us through social media, or to send you targeted marketing messages relating to products we have to offer during your social media experience. The use of this technology does result in our holding your personal contact details and likes and dislikes. We do not categorise this information based on what the law describes as “sensitive personal data”. We do this automatically, however there is a facility for you to stop our processing of such data by managing your browser preferences.
Note also that third party cookies might be downloaded onto your device as a result of your use of this website. For example if you were to send information from this website to your social media account, your account may require the use of such cookies to enable this transfer to take place. These cookies are not under our control and we disclaim any responsibility for the acts of third party cookies.
Analytics
How do we use the personal information we collect?
We use the information we collect to understand your needs and provide you with a better service, in particular for the following reasons:
- Internal record keeping.
- We may use the information to improve our products and services.
- To manage promotional offers available to you, offered by us.
- We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting, using the email address which you have provided.
- From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone or mail.
- We may use the information to customise the website according to your interests.
Who we share your data with
We don’t share your personal information. We don’t sell, distribute or lease your personal information to third parties unless we have your explicit permission or are required to by law. We may use your personal information to send you promotional information about third parties which we think you may find interesting, if you tell us that you wish this to happen.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Our contact information
If you have any questions or concerns about your use of your personal data, please get in touch with us. Our contact details are as follows-
Address: Portland Court, Portland Road, Torquay, TQ1 3NB
T| 01803 323958
E-mail| info@rococotorquay.co.uk
Additional information
What data breach procedures we have in place
The GDPR prescribes the duty on all organisations to report certain types of data breach to the relevant supervisory authority.
Preparing for a personal data breach
- We know how to recognise a personal data breach.
- We understand that a personal data breach isn’t only about loss or theft of personal data.
- We have prepared a response plan for addressing any personal data breaches that occur.
- We have allocated responsibility for managing breaches to a dedicated person or team.
- Our staff know how to escalate a security incident to the appropriate person or team in our organisation to determine whether a breach has occurred.
Responding to a personal data breach
We have in place a process to assess the likely risk to individuals as a result of a breach.
- We know who is the relevant supervisory authority for our processing activities.
- We have a process to notify the ICO of a breach within 72 hours of becoming aware of it, even if we do not have all the details yet.
- We know what information we must give the ICO about a breach.
- We have a process to inform affected individuals about a breach when it is likely to result in a high risk to their rights and freedoms.
- We know we must inform affected individuals without undue delay.
- We know what information about a breach we must provide to individuals, and that we should provide advice to help them protect themselves from its effects.
- We document all breaches, even if they don’t all need to be reported.
Industry regulatory disclosure requirements
Cancellation Policy
A 24 hour cancellation policy is required when a client wishes to change or cancel their appointment.
Disclaimer
Patch tests required 24 hours prior for some of our treatments, such as for lash tinting.