top of page

Privacy Policy

At Gemma Souter, Hair & Make Up, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect your personal information in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws in the UK.

1. Information We Collect

We collect and process personal data that you provide to us when booking our bridal hair and makeup services, which may include:

  • Contact Information: Name, email address, phone number, and postal address.

  • Event Details: Wedding date, venue, and relevant logistical information.

  • Payment Information: Bank details or payment transaction information.

  • Hair and Makeup Preferences: Style preferences, skin type, hair type, and any allergies or sensitivities.

  • Photographs: Images you share or that we capture during hair and makeup trials or on your wedding day (with your consent).

2. How We Use Your Data

We collect and use your data under the lawful bases of contractual necessity, consent, and legitimate interest to:

  • Manage your booking and provide bridal hair and makeup services.

  • Understand your preferences to offer personalized styling.

  • Communicate with you about appointments, consultations, and updates related to your event.

  • Process payments for services rendered.

  • Use photographs, with your explicit consent, for marketing purposes (e.g., website or social media).

3. Legal Basis for Processing

Under GDPR, we rely on the following lawful bases for processing your personal data:

  • Contractual Necessity: To fulfill our obligations under our contract with you (e.g., providing hair and makeup services for your wedding).

  • Legitimate Interests: For certain business purposes (e.g., improving our services or communicating with you regarding updates), provided these interests are not overridden by your rights and freedoms.

  • Consent: Where you have given explicit consent, such as allowing us to use your images for marketing or promotional purposes.

You have the right to withdraw your consent at any time by contacting us.

4. Sharing Your Data

We do not sell or share your personal data with third parties, except in the following instances:

  • Service Providers: We may share your data with trusted third-party service providers, such as booking platforms, payment processors, or freelance team members, who assist in delivering our services. These providers are contractually obligated to handle your data securely and only for specified purposes.

  • Legal Obligations: We may disclose your personal information if required to do so by law or in response to valid requests from public authorities.

5. Data Security

We implement appropriate technical and organisational measures to ensure the security of your personal data. These include secure storage of digital and physical records, encrypted communications, and access controls to prevent unauthorised access, disclosure, or loss of your information.

6. International Data Transfers

As a UK-based business, your data is primarily processed within the UK. However, if any third-party service providers process data outside the UK or European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as standard contractual clauses, to protect your data in line with GDPR requirements.

7. Your Rights Under GDPR

You have several rights under the GDPR regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.

  • Right to Rectification: You can request that we correct any inaccurate or incomplete data.

  • Right to Erasure ("Right to be Forgotten"): You can request that we delete your data where it is no longer necessary for the purposes for which it was collected, subject to legal obligations.

  • Right to Restrict Processing: You can request that we restrict the processing of your data in certain circumstances.

  • Right to Data Portability: You can request that we provide your data in a structured, commonly used, and machine-readable format to another service provider.

  • Right to Object: You can object to the processing of your data for direct marketing or other purposes based on our legitimate interests.

  • Right to Withdraw Consent: If you have given consent to the use of your data, you can withdraw this consent at any time.

To exercise any of these rights, please contact us at hello@gemmasouter.co.uk. We will respond to your request within 30 days as required by GDPR.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Once your data is no longer required, it will be securely deleted or anonymised.

9. Cookies and Tracking Technologies

Our website may use cookies or similar technologies to enhance your browsing experience and analyse site traffic. You can manage your cookie preferences through your browser settings.

10. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, legal requirements, or industry standards. Any changes will be posted on this page with the updated effective date. We encourage you to review this policy periodically to stay informed.

11. Contact Information

If you have any questions, concerns, or complaints regarding this Privacy Policy or your personal data, please contact us at:

If you believe that we have not adequately addressed your concerns, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection issues, at www.ico.org.uk.

01

03

02

04

bottom of page