I’m struggling to work out what applies to me, I’ve just started up with only a few clients. I’m not sure what I’m supposed to do, do I need to write a privacy policy, does anyone know where I can find the info?
GDPR help please
- Thread starter c.mrsm
- Start date
Help Support SalonGeek:
- Joined
- Aug 11, 2011
- Messages
- 10,907
- Reaction score
- 6,923
https://www.salongeek.com/threads/how-many-of-you-are-ready-for-the-new-data-protection-laws.321855/
Some useful pointers in this thread
Some useful pointers in this thread
- Joined
- Sep 4, 2008
- Messages
- 983
- Reaction score
- 788
If you have a website, you need a privacy policy and a cookie opt-in tool. If the website collects customer data i.e. has a contact form, it is more complicated.
If you don't have a website, then you don't need to ask customers to sign a privacy document, as you need their name and phone number, etc for "legitimate use". This means you has a business contract to supply a service or product. You need their private data for example, to book the appointment and call them to reschedule if you are ill.
This assumes you do not collect sensitive data like medical info - such as allergies. Otherwise you need to protect the data to a higher level.
You need to make a list of what customer data you have, how it is used, how it is stored, what you do if the phone or PC containing data is lost or stolen.
You need to have a privacy policy that explains the customers rights - for their data to be deleted, pause (not used, not deleted), modified or how they can get access to the data you have.
There is a lot more to GDPR, but I assume you are not sending email newsletters or have a webshop.
If you don't have a website, then you don't need to ask customers to sign a privacy document, as you need their name and phone number, etc for "legitimate use". This means you has a business contract to supply a service or product. You need their private data for example, to book the appointment and call them to reschedule if you are ill.
This assumes you do not collect sensitive data like medical info - such as allergies. Otherwise you need to protect the data to a higher level.
You need to make a list of what customer data you have, how it is used, how it is stored, what you do if the phone or PC containing data is lost or stolen.
You need to have a privacy policy that explains the customers rights - for their data to be deleted, pause (not used, not deleted), modified or how they can get access to the data you have.
There is a lot more to GDPR, but I assume you are not sending email newsletters or have a webshop.
I have a website which I built myself, clients can contact me through it via an email but no booking or info is stored on it at all. All my clients so far have come through my Facebook site? I store info on consultation cards and client cards but that’s it? I’m finding it really confusing. I couldn’t find anything on the thread listed above x
- Joined
- Sep 4, 2008
- Messages
- 983
- Reaction score
- 788
GDPR is an 81 page document. There are no "one size fits all" answers. There is a lot of information online and in some Facebook groups - try searching GDPR.
In addition to a Privacy Policy on your website, you need to use something like www.cookiebot.com
In addition to a Privacy Policy on your website, you need to use something like www.cookiebot.com
- Joined
- Sep 4, 2008
- Messages
- 983
- Reaction score
- 788
I still don't understand how to edit posts here. There is no Edit option on my screen.
I just wanted to add that we wrote a 6 page document "GDPR for Nail Salons" for our clients. If you want a copy, send me a message here. I won't post a link here, as it has our company name all over it (to protect our copyright) and don't want to upset Admins. This document only provides an overview - because each business manages data in different ways. But once you understand what you need to do, you can probably find templates online.
I just wanted to add that we wrote a 6 page document "GDPR for Nail Salons" for our clients. If you want a copy, send me a message here. I won't post a link here, as it has our company name all over it (to protect our copyright) and don't want to upset Admins. This document only provides an overview - because each business manages data in different ways. But once you understand what you need to do, you can probably find templates online.
