General Data Protection Regulation Policy (GDPR)
We are committed to protecting your privacy
UK Data Protection Legislation
We have very clear responsibilities under current legislation, to take good care of everyone’s information and we take that responsibility very seriously.
Personal data is information which directly or indirectly identifies you. We are committed to processing your personal data in accordance with EU data protection laws. For the purposes of EU data protection laws Pampered Head 2 Toe is the data controller.
It will be necessary for you to give us personal data so that we can provide you with the services and fulfil our relationship with you by informing you of your appointments and any special offers/events. We will comply with applicable laws, regulations and/or codes of practice and for the other purposes as set out in this Notice where in our legitimate interests.
How we collect your information
Pampered Head 2 Toe collects information via a variety of sources, including when you apply for and use our services, when you call, write, e-mail or when you visit the salon or respond to a survey. We may collect information from you when you use our social media site, websites or any self-service portal.
We may also take photographs with your permission to use for general marketing and publicity. However, photographs of individuals will only be used for those purposes with your consent.
What information do we collect about you?
We may collect your personal information in a number of ways, including:
- When applying for and using our services;
- When you call us;
- When you enter into a new client record with us;
- When you contact and interact with us;
- When you ask us to contact you;
We may use your personal data for reasons including but not limited to the following:
- to verify your identity when making contact with us
- to provide services requested by you
- to administer surveys;
- to manage events;
- to comply with applicable laws, regulations and/or codes of practice;
- for any other reason for which you give your permission.
How and where is my data stored?
Security of data is a major priority for us and we confirm that all data is stored in the UK. We hold information in IT systems which may be copied for testing, backup, archiving and disaster recovery purposes.
Pampered Head 2 toe operates a range of information and communication systems and technologies for efficient operation of the business. Personal Information is stored and managed in those systems which are maintained to achieve a high level of Confidentiality, Integrity and Availability (CIA) including following best practice cyber security standards
We will always ensure that any personal information that you provide to us, which is held electronically will be on secure servers. If any personal data is stored on servers in countries outside of the European Economic Area (EEA), we will undertake appropriate due diligence to ensure that any third party supplier adheres to appropriate EU standards of data protection.
We will take appropriate measures to prevent unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to personal data.
We may also store personal information in paper form. Paper files will be kept in secure storage and access will be limited to authorised employees of Burns Property Management and Lettings Limited or to others where legally required to do so.
Who we share your data with.
We may disclose certain personal data in the following circumstances:
- to professional advisors, receivers and administrators (where applicable), and service providers (including for example, information technology systems providers) who may help us provide services;
- to courts, governmental and non-governmental agencies, regulators and ombudsmen;
- law enforcement agencies;
- relevant tax authorities, where required to do so by law;
- to any relevant third party in the course of an acquisition, sale, transfer, reorganisation or merger of parts of our business or our assets
- in the event that the management of the property, where you have an interest ,is transferred to another agent.
- as required or permitted by law or regulation, where we are under a duty to disclose or share your personal data in order to comply with any legal obligation;
- verify the accuracy of the data you have provided to us;
- assist in the prevention of criminal activity, fraud and money laundering;
- manage your account(s) and the accounts of the property where you have an interest
- trace and recover debts.
Data Retention and Disposal of Data
We will retain your personal data for a period of at least 7 years from the end of the relationship with Burns Property Management and Lettings Limited (usually when you sell or transfer your property or the management is transferred to another agent) to enable us to fulfil our record keeping obligations.
At the end of the relationship, your personal information will be archived in accordance with the timescales stated above, unless required by law to do otherwise. After this time, personal data will be placed beyond use or destroyed using professional Confidential Waste services, for which a Waste Transfer Note is retained.
In accordance with the Information Commissioners Office guidelines, we will:
- Ensure that it is not accessed or used to inform any decision in respect of any individual or in a manner that affects the individual in any way;
- Surround the personal data with appropriate technical and organisational security;
- Commit to permanent deletion of the information if, and/or when, this becomes possible.
- you exercise your rights to change or withdraw your consent
- The right to know how we use your personal data;
- The right to request access to information we hold about you and we will respond within 1 month;
- The right to be able to rectify or change any data that we hold about you where it is inaccurate or incomplete;
- The right to ask for copies of any data we hold on you to be deleted when it is no longer needed for the purposes it was collected (unless legally required to do so);
- The right to object or restrict us from processing your personal data (unless legally required to do so).
If you wish to exercise any of these rights or withdraw consent to use your personal data you should contact the Data Protection Officer as described below. It will always help if you can be specific about what personal data you want to see, what it relates to and within what timeframe, as that will assist us greatly with our search.
You also have the right to complain about the processing of your personal data with your local data protection supervisory authority (in the UK, the Information Commissioner’s Office).
We may contact you periodically to conduct analysis and market research and to keep you up to date with relevant services and matters relating to your property and/or the property market and block management law, regulations, codes of practice. Where this information is provided electronically we may track your response, for example which emails you open. If you wish to stop receiving these types of communications from Pampered Head 2 Toe and you can click on the unsubscribe link in the communication or contact the Data Protection Officer as described below.
You have the right to ask us to change or withdraw your consent to us holding and processing your personal data. If you wish to exercise this right you should write (not email) giving the detail of your objections to:
Pampered Head 2 Toe
42 Old Milton Road
Hampshire, BH25 6DX
It may not always be possible to agree to your request if it legitimately affects our ability to carry out our duties and obligations. Your rights will be unaffected and you will never suffer any detriment as a result of requesting to change or withdraw your consent.
How do you raise a complaint if you think your personal data is not being managed correctly?
Please put your complaint in writing to:
The Owner – Teresa Bennett
42 Old Milton Road, New Milton, Hampshire, BH25 6DX
Pampered Head 2 Toe
42 Old Milton Road
New Milton, BH25 6DX
You will receive an acknowledgement of your complaint within 7 calendar days with a clear timeline of how your complaint will be dealt with.
If you are not satisfied with the outcome, you have the right to raise your concern to the Information Commissioners Office:
Changes to this Data Protection Notice
We may revise or supplement our Privacy Notice from time to time to reflect for example, any changes in our business, law, markets, or the introduction of any new technology. We will publish the updated Data Protection Notice on our website at: www.pamperedhead2toe.co.uk .
V1 – May 2018