Privacy Policy

The Beauty Retreat Tring is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your personal data when you use our services, book appointments, or interact with us — in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Business Name: The Beauty Retreat Tring
Business Address: 14 Miswell Lane Tring HP23 4BX
Contact Email: Thebeautyretreatsalon@hotmail.com
Phone Number: 01442 767730
Data Controller: The Beauty Retreat Tring

We use a secure booking and client management platform called Timely (GetTimely Ltd) to manage our appointments and client information.

We may collect and process the following personal data:

• Identity Information: Name, date of birth (if provided)
• Contact Information: Email address, phone number, address
• Appointment & Service History
• Health & Consultation Information: Allergies, skin conditions, medications (where relevant to treatments)
• Marketing Preferences
• Payment Data: (processed securely by Timely or integrated payment processors like Stripe)
• CCTV Footage: (if applicable on premises)

We collect personal data in the following ways:

• When you book an appointment online through Timely
• When you complete a consultation form or waiver (digitally via Timely)
• When you contact us via phone, email, or social media
• When you visit our salon

We use your personal information to:

• Schedule and manage appointments
• Deliver treatments and services safely and effectively
• Store consultation notes and health information
• Send confirmations, reminders, and updates about your bookings
• Process payments
• Contact you with special offers or updates (if you’ve opted in)
• Comply with insurance, tax, or legal requirements

We use Timely, a trusted, cloud-based platform that securely stores and manages our client data. Timely is fully compliant with UK GDPR and hosts data on secure servers.

Timely's Privacy Policy is available here: https://www.gettimely.com/privacy/

Data may also be processed by integrated services such as Stripe (for payments) or Mailchimp (for newsletters), all of which are GDPR-compliant.

We rely on the following lawful bases:

• Consent – for health data, marketing, and consultations
• Contract – to fulfil services you request
• Legal Obligation – for tax, accounting, and insurance records
• Legitimate Interests – to manage our business and provide services efficiently

Your personal data may be shared with:

• Timely – our appointment and client management provider
• Stripe – if you pay online (secure payment processor)
• Marketing Platforms – only if you have opted in to receive emails/texts
• Regulators or insurers – where required by law or for claims

We do not sell your data to third parties.

We retain personal data for:

• Client records and consultations – up to 7 years after your last visit (for legal and insurance purposes)
• Marketing preferences – until you opt out or withdraw consent

You have the right to:

• Access your personal data
• Request correction or deletion
• Withdraw your consent at any time (e.g. unsubscribe)
• Object to or restrict certain uses of your data
• Lodge a complaint with the Information Commissioner’s Office (ICO):
  www.ico.org.uk

To exercise any of these rights, contact us at: thebeautyretreatsalon@hotmail.com

We and our providers (including Timely) use secure, encrypted systems to protect your personal data from unauthorised access, loss, or misuse.

We may revise this Privacy Policy from time to time. The most recent version will always be available on our website or upon request in the salon.