top of page

Privacy Policy for Ombre School of Aesthetics

 

At Ombre School of Aesthetics (“we,” “us,” “our”), we are committed to protecting your privacy and ensuring that your personal data is handled in accordance with UK law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Privacy Policy explains how we collect, use, and protect your personal data when you interact with us.

 

1. Who We Are

 

Ombre School of Aesthetics provides training in aesthetics. We act as the data controller for the personal data you provide to us.

 

If you have any questions about this policy, please contact us:

Email: [Insert email address]

Phone: [Insert phone number]

Address: [Insert business address]

 

2. What Data We Collect

 

We may collect the following categories of personal data:

• Identity Data: Name, date of birth, and gender.

• Contact Data: Address, email, and phone number.

• Payment Data: Card details and billing address (processed securely via our payment processor).

• Professional Data: Qualifications and work experience (if required for certain courses).

• Course Data: Attendance records, progress, and certifications.

• Technical Data: IP address, browser type, and usage data when you visit our website.

 

3. How We Use Your Data

 

We use your personal data for the following purposes:

• To process bookings and payments.

• To provide training courses and issue certificates.

• To communicate with you regarding your course, including updates or cancellations.

• To comply with legal and regulatory obligations.

• To improve our services and ensure a safe user experience on our website.

• For marketing purposes, where you have given your explicit consent.

 

4. Legal Basis for Processing

 

We rely on the following legal bases for processing your personal data:

• Contractual Necessity: To fulfill our contractual obligations to you (e.g., providing training).

• Consent: For sending marketing communications (you may withdraw your consent at any time).

• Legal Obligation: To comply with UK laws and regulations.

• Legitimate Interest: To improve our services and protect our business.

 

5. How We Share Your Data

 

We do not sell your personal data. However, we may share your data with trusted third parties, such as:

• Payment processors (to handle transactions securely).

• Service providers (e.g., IT support or email marketing platforms).

• Regulatory bodies (to comply with legal requirements).

 

All third parties are required to respect the security of your personal data and to use it only for the purposes specified by us.

 

6. How Long We Retain Your Data

 

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

• Legal and regulatory compliance.

• Resolving disputes or enforcing agreements.

• Retaining records for tax purposes (generally 6 years).

 

7. Your Rights

 

Under the UK GDPR, you have the following rights:

• Access: Request a copy of your personal data.

• Correction: Request correction of inaccurate or incomplete data.

• Erasure: Request deletion of your data (subject to legal retention requirements).

• Restriction: Request limitation of data processing.

• Portability: Request transfer of your data to another service provider.

• Objection: Object to data processing for direct marketing or legitimate interests.

• Withdraw Consent: Withdraw consent for processing based on your consent.

 

To exercise your rights, please contact us using the details provided above.

 

8. How We Protect Your Data

 

We implement appropriate technical and organisational measures to protect your personal data, including:

• Secure servers and encrypted data storage.

• Access controls and staff training on data protection.

• Regular reviews of our data security policies and procedures.

 

9. Cookies and Website Usage

 

We use cookies to enhance your experience on our website. For more information about the cookies we use and how to manage them, please see our Cookie Policy.

 

10. Updates to This Privacy Policy

 

We may update this Privacy Policy from time to time to reflect changes in the law or our business practices. The latest version will always be available on our website.

 

11. Complaints

 

If you are unhappy with how we handle your data, please contact us. You also have the right to lodge a complaint with the UK’s Information Commissioner’s Office (ICO):

Website: www.ico.org.uk

Phone: 0303 123 1113

 

By engaging with Ombre School of Aesthetics, you agree to this Privacy Policy.

bottom of page