Privacy Policy (UK GDPR)

Last updated: 8 October 2025

1) Who we are

Kutting Korner (“we”, “us”, “our”) is a professional hair and beauty salon based in Wolviston, near Billingham, UK. We are the Data Controller for the personal data we process in connection with our services and this website, https://kuttingkorner.uk/.
Contact: hello@kuttingkorner.uk

2) How to contact us

For any questions about this notice or to exercise your rights, email hello@kuttingkorner.uk

3) The data we collect

We collect and process the following categories of personal data:

  • Identity & contact data: name, email, phone number, address, social handles (if you contact us this way).
  • Booking & service data: appointment history, stylist/therapist notes, consultation details, colour formulas, patch test results, preferences.
  • Payment data: payment confirmations and transaction references (card data is handled by our payment provider, not stored by us).
  • Communication data: messages sent via contact forms, email, phone, or social media.
  • Marketing preferences: your choices about receiving updates and offers.
  • Website/technical data: IP address, device and browser details, cookie identifiers, pages viewed, and interactions (see “Cookies & Analytics” below).
  • CCTV (if used on premises): images recorded for security and safety.

We do not aim to collect special category data unless necessary for service delivery (e.g., allergies or sensitivities noted during consultations). Where required, we will ask for your explicit consent.

4) How we get your data

  • Directly from you when you book, visit the salon, contact us, or join our marketing list.
  • Automatically via our website and cookies.
  • From third-party platforms you use to book or communicate with us (e.g., online booking or social media).

5) Why we use your data (lawful bases)

We use your data only when we have a lawful basis under UK GDPR:

  • Contract: to take bookings, provide services, manage your appointments, and handle payments.
  • Legitimate interests: to run our business efficiently, keep records, send service-related updates, improve our website and services, protect our premises, and prevent fraud.
  • Consent: to send marketing by email/SMS and to record any health notes not strictly required for service delivery. You can withdraw consent at any time.
  • Legal obligations: tax/audit requirements, accident records, and responding to lawful requests.

6) What we do with your data

  • Manage appointments and client records.
  • Deliver services safely and to a high standard (including consultation notes).
  • Send service messages (confirmations, reminders, changes).
  • Process payments and issue receipts.
  • Provide customer support and handle enquiries.
  • Improve our website, services, and client experience.
  • Send marketing you’ve opted into.
  • Maintain security (including CCTV, if in use).

7) Sharing your data

We share data only with trusted Data Processors who help us deliver our services, for example:

  • Online booking and salon management software providers.
  • Payment processors.
  • Website hosting, IT support, and email service providers.
  • Marketing and analytics tools.
  • CCTV service providers (if applicable).

These processors act on our instructions and are bound by contracts to protect your data. We may also share data when required by law or to establish, exercise, or defend legal claims.

8) International transfers

Some providers may process data outside the UK. Where that occurs, we ensure appropriate safeguards are in place, such as UK IDTA/Addendum, EU Standard Contractual Clauses, or an adequacy decision.

9) Data retention

We keep personal data only as long as needed for the purposes set out above:

  • Client and booking records: typically up to 7 years after your last appointment (to manage service history and for tax/audit).
  • Consultation/patch test forms: as required for service safety and legal defence (normally up to 7 years).
  • Marketing data: until you opt out or your consent is withdrawn.
  • CCTV: usually 30–60 days unless required for investigations.
    We may retain data longer if necessary for legal claims or obligations.

10) Your rights

You have rights under UK GDPR, including:

  • Access to your personal data.
  • Rectification of inaccurate or incomplete data.
  • Erasure (in certain circumstances).
  • Restriction of processing (in certain circumstances).
  • Data portability (for data you provided, where processed by automated means and based on consent/contract).
  • Object to processing based on legitimate interests or direct marketing.
  • Withdraw consent at any time where processing relies on consent.

To exercise your rights, email hello@kuttingkorner.uk. We may need to verify your identity. You also have the right to complain to the Information Commissioner’s Office (ICO): ico.org.uk

11) Marketing

We will only send marketing by email/SMS with your consent or as otherwise permitted by law. You can opt out at any time using the unsubscribe link or by contacting us.

12) Cookies & analytics

Our website uses cookies and similar technologies to operate the site, remember preferences, and understand how visitors use our pages.

  • Strictly necessary cookies enable core functionality.
  • Performance/analytics cookies help us improve the site.
  • Marketing cookies (if used) help us show relevant content or measure campaigns.

Where required, we will seek your consent via a cookie banner. You can manage cookies in your browser settings and through our on-site cookie controls.

13) Children

Our services are not directed at children under 13. If you believe a child has provided us with personal data without appropriate consent, contact us and we will act promptly.

14) Security

We take appropriate technical and organisational measures to protect your data, including access controls, encryption in transit where possible, staff confidentiality, and regular reviews of processors and systems.

15) Social media & third-party links

Our website and profiles may include links to third-party sites or messaging platforms. Those services have their own privacy policies. Please review them before sharing personal data.

16) Changes to this notice

We may update this Privacy Policy from time to time. Material changes will be highlighted on this page. Please check back periodically to stay informed.

Questions or requests?
Email hello@kuttingkorner.uk and we’ll be happy to help.