Privacy policy

This Privacy Policy sets out the basis on which we collect and process personal data about you including our practices regarding the collection, use, storage and disclosure of personal

HenleyRooms understands and appreciates the importance of protecting and respecting your privacy. For the Data Protection Act 1998 (the Act), and General Data Protection Regulations 2018 (GDPR) the Data Controller is [HenleyRooms] of [see address below. (When we refer to ‘we’, ‘us’ and ‘our’, we mean HenleyRooms)

 

1. Introduction

This privacy policy tells you how HenleyRooms use your personal data when you visit our website, interact with us, and buy our goods and services.

It also tells you about your privacy rights and how the law protects you.

It is important that you read this privacy policy, together with any other privacy policies we may provide, so that you are fully aware of how and why we are using your data.

This privacy policy was updated on 25th of May 2018.

If you have any questions, or would like to exercise your privacy rights, please follow the instructions in this privacy policy. (How to contact HenleyRooms see below).

HenleyRooms understands and appreciates the importance of protecting and respecting your privacy. For the purpose of the Data Protection Act 1998 (the Act), and General Data Protection Regulations 2018 (GDPR) the Data Controller is Mary Lawson-Evans.

This Privacy Policy sets out the basis on which we collect and process personal data about you including our practices regarding the collection, use, storage and disclosure of personal data that we collect from you and/or hold about you, and your rights in relation to that data.

Please read the following carefully to understand how we process your personal data. By providing your personal data to us or by using our services, website or other online e platform(s) you are consenting to the practices as described in this Privacy Policy.

2. What personal data may we collect from you?

When we refer to personal data in this policy, we mean information that can or has the potential to identify you as an individual.

Accordingly, we may hold and use personal data about you as a customer, client or when you visit one of our social media sites, complete a form, access our services or speak to us. Depending on what services you receive from us this may include sensitive personal data.

Personal data we collect from you may include the following:

  • information that you give us when you enquire or become a customer or patient of us or apply for a job with us including name, address, contact details (including email address and phone number)
  • the name and contact details (including phone number) of your next of kin
  • details of referrals, quotes and other contact and correspondence we may have had with you
  • details of services and/or treatment you have received from us.
  • information obtained from customer surveys, promotions and competitions that you have entered or taken part in
  • notes and reports about your health and any treatment you have received, including salon, hospital visits and medicines administered
  • patient feedback and treatment outcome, you provide
  • information about complaints and incidents
  • information you give us when you make a payment to us, such as financial or credit card information
  • other information received from other sources, including from your use of websites and other digital platforms we operate (apps), information from business partners, advertising networks, analytics providers, or information provided by other companies who have obtained your permission to share information about you.

Where you have named someone as your next of kin and provided us with personal data about that individual, it is your responsibility to ensure that that individual is aware of and accepts the terms of this Privacy Policy.

Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform,

The data that we request from you may include sensitive personal data. This includes information that relates to the mental or physical health or racial or ethnic origin. By providing us with sensitive personal data, you give us your explicit consent to process this sensitive personal data for the purposes set out in this Privacy Policy.

3. When do we collect personal data about you?

We may collect personal data about you if you:

  • visit one of our websites
  • enquire about any of our services or treatments
  • register to be a customer/client with us or make a booking to receive any of services or treatments
  • carry out a transaction on our website
  • participate in a competition or promotion or other marketing activity
  • contact us, for example by email, telephone or social media
  • participate in interactive features on any of our websites.

4. What personal data we may receive from third parties and other sources?

We may collect personal data about you from third parties;

We may be passed medical information usually in the form of a referral for the purposes of your treatment with HenleyRooms or a third-party consultant;

Consultants/GP’s may need to share your personal data and medical records with HenleyRooms;

5. How do we use your personal data?

Your personal data will be kept confidential and secure and will, unless you agree otherwise, only be used for the purpose(s) for which it was collected and in accordance with this Privacy Policy, applicable Data Protection Laws, and Insurance record retention.

Sensitive personal data related to your health will only be disclosed to those involved with your treatment or care, or in accordance with UK laws (unless you object). Further details on how we use health related personal data are given below. We will only use your sensitive personal data for the purposes for which you have given us your explicit consent to use it. Please note that, although we have set out the purposes for which we may use your personal data below, we will not use your sensitive personal data for those purposes unless you have given us your explicit consent to do so.

6. We may use your personal data to:

  • provide you with information, products/services that you request from us
  • provide you with information about products/services we offer that we feel may interest you. Unless you have consented to receive marketing communications by electronic means from us, by ticking the relevant box on the form on which we collect your data, we will only contact you by electronic means (e-mail or SMS) with information about products and services similar to those which you previously purchased or enquired about from us
  • allow you to participate in interactive features of our services, if you choose to
  • notify you about changes to our products or services
  • respond to requests where we have a legal obligation to do so
  • assess the quality and/or type of care you have received (including giving you the opportunity to complete customer satisfaction surveys) and any concerns or complaints you may raise, so that these can be properly investigated

7. The security of your personal data

We protect all personal data we hold about you by ensuring that we have appropriate organisational and technical security measures in place to prevent unauthorised access or unlawful processing of personal data and to prevent personal data being lost, destroyed or damaged. We conduct assessments to ensure the ongoing security of our information systems.

Any personal data you provide will be held for as long as is necessary for the purpose for which it was collected and in accordance with all applicable UK laws.

Personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who works for us or for one of our suppliers. Where we transfer your personal data outside the EEA, we will ensure that there are adequate protections in place for your rights, in accordance with Data Protection Laws. By submitting your personal data, and in providing any personal data to us, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this Privacy Policy.

All information you provide to us is stored securely. Any payment transactions will be processed securely by third party payment processors. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our website, you are responsible for keeping that password confidential. We ask you not to share a password with anyone.

The transmission of information via the internet cannot be guaranteed as completely secure. However, we ensure that any information transferred to our websites is via an encrypted connection. Once we have received your information, we will use strict procedures and security features for prevention of unauthorised access.

At your request, we may occasionally transfer personal information to you via email, or you may choose to transfer information to us via email. Email is not a secure method of information transmission; if you choose to send or receive such information via email, you do so at your own risk.

8. Disclosure of your personal data

In the usual course of our business we may disclose your personal data (to the extent necessary) to certain third-party organisations that we use to support the delivery of our services. This may include the following:

  • business partners or Independent consultants.
  • organisations providing IT systems support and hosting in relation to the IT systems on which your information is stored,
  • third party service providers for the purposes of storage of information and confidential destruction, third party marketing companies for the purpose of sending marketing emails, subject to obtaining appropriate consent.

Where a third-party data processor is used, we ensure that they operate under contractual restrictions with regard to confidentiality and security, in addition to their obligations under Data Protection Laws.

We may also disclose your personal data to third parties in the event that we sell the business or where we are required by law to do so.

9. Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them see our Cookie policy.

10. Health information collected during provision of treatment or services

Sensitive personal data (including information relating to your health) will only be disclosed to third parties in accordance with this Privacy Policy. That includes third parties involved with your treatment or care.

Your GP: If the practitioners treating you believe it to be clinically advisable, we may also share information about your treatment with your GP. You can ask us not to do this, in which case we will respect that request if we are legally permitted to do so, but you should be aware that it can be potentially very dangerous and/or detrimental to your health to deny your GP full information about your medical history, and we strongly advise against it.

Your insurer: If you raise a complaint or a claim we may be required to share personal data with your medical insurer for the purposes of investigating any complaint/claim. :  We provide only the information to which they are entitled.

Emergency: In an emergency and if you are incapacitated, we may also process your personal data (including sensitive personal data) or make personal data available to third parties on the basis of protecting your ‘vital interest’ (i.e. your life or your health).

11. Marketing

If you have consented to our processing your personal data for marketing purposes, in accordance with this Privacy Policy, we may send you information (via mail, email, phone or SMS) about our products and services which we consider may be of interest to you.

You have the right to ask us not to process your information in this way at any time.

If you no longer wish to receive web based marketing information you can unsubscribe by either updating your subscription and opting out or email:This email address is being protected from spambots. You need JavaScript enabled to view it.:<a%20href="/ mailto:mary="" henleyrooms="" com="" co="" uk="">This email address is being protected from spambots. You need JavaScript enabled to view it.

12. Your Rights

The law gives you certain rights in respect of the personal data that we hold about you.  In addition to your right to stop marketing, detailed above, below are the most commonly-used rights.  It is not an exhaustive statement of the law.

  • You have the right to a copy of the personal data that we hold about you
  • You have the right to have the personal data we hold about you corrected if it is factually inaccurate. If any of your personal data has changed, especially contact information such as: email address, postal address and phone number please get in touch with so we can ensure your personal data is kept up to date

If you want to exercise your rights in respect of your personal data, the best way to do so is to contact us by email on This email address is being protected from spambots. You need JavaScript enabled to view it. or to write to us for the attention of the data protection officer at the address below.  In order to protect your privacy, we may ask you to prove your identity before we can reply. (it may take up to 30 days for us to respond and a £10.00 processing fee maybe charged to meet our costs in providing you with details of the information we hold about you. This fee will only be charged in line with GDPR guidelines).

 

Data Protection Officer, ADDRESS:-


FAO: DPO/Mary Lawson-Evans
HenleyRooms
5 Mansell Street
Stratford upon Avon CV37 6NR

If you would like to receive this Privacy Policy in any other form, please do contact our Data Protection Officer so we can endeavour to meet your requirements as soon as possible.

If you are not satisfied with how we handle your request, you can contact the Information Commissioner’s Office on 0303 123 1113 or visit their website (http://www.ico.org.uk).

E-News Signup

Opening Times

 Monday CLOSED
 Tuesday  9am - 6pm
 Wednesday  9am - 7pm
 Thursday  9am - 8pm
 Friday  9am - 7pm
 Saturday  9am - 5pm

 BOOK ONLINE NOW