Who we are
Our website address is: https://diamantestore.co.uk
Diamante Store is the trading name of Diamante Store Limited
Company number: 11271577
Registered office: 111a Station Road, West Wickham, Kent, United Kingdom, BR4 0PX
Diamante Store Limited is committed to protecting your privacy.
We are the primary data controller for the purpose of the data held.
What personal data we collect and why we collect it
What information we collect and why we collect it – We collect personal information which you provide through the below means:
- Visiting Diamante Hair Salon at 101 Station Rd, West Wickham BR4 0PX
- Verbally over the phone or in person
- Digitally through the use of online forms, cookies, the online customer portal and through emails
Personal information we collect includes:
- Name and address
- Contact number
- Email address
- Payment data
- Billing & Shipping address
This information will be collected, stored, accessed and processed in a secure manner.
We retain personal data on when and if it is necessary and relevant for our operations.
The data is retained for a period of time defined by our legitimate interest.
Once it is no longer necessary for us to hold your data we will dispose of it in a secure manner.
Additionally, your data may be entered into a Salon appointment booking system software for the purposes of appointment scheduling, membership of the Diamante Salon or Store brands, and membership of any newsletter subscriptions. If your data is entered into an application for the purpose of salon management e.g. a salon software, this provider will become the data processor.
To the extent that they are acting as data processor, they therefore act in accordance with the instructions of us regarding the collection, processing, storage, deletion and transfer of customer information, as well as other matters such as the provision of access to and rectification of customer data. They will only use such personal information for the purposes of providing the services and products for which we have engaged them.
As a data processor they may also share personal information with third party service providers who work for us and who are subject to security and confidentiality obligations.
A salon software company which we may use are acting as a data processor, they will refer any request from an individual for access to personal information which they hold about them to the data controller. They will not respond directly to the request.
They will retain personal information which they process on behalf of us for as long as needed to provide services and products to us and in accordance with any agreement in place with us.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Disclosure Of Your Personal Data To Third Parties
Internal third parties
We may share your personal information with our group companies, affiliates, subsidiaries, franchisees or contractors as necessary to carry out the purposes for which the information was supplied or collected (i.e. to provide the services and products you have requested from us).
External third parties
Personal information will also be shared with our third-party service providers and business partners who assist with the running this site, our business, our services and products including; hosting providers, email service providers and SMS providers. Our third-party service providers and business partners are subject to security and confidentiality obligations and are only permitted to process your personal information for specified purposes and in accordance with our instructions.
We may link to or show content from third party websites as a service to you but will not share personal data without your prior consent. These third-party websites are operated by companies that are outside of our control, and your activities at those third-party websites will be governed by the policies and practices of those third parties. We encourage you to review the privacy policies of these third parties before disclosing any information to them, as we are not responsible for the privacy policies of those websites.
In addition, we may disclose information about you when we believe, in good faith, that such use or disclosure is reasonably necessary to:
- Comply with law
- Enforce or apply the terms of any of our user agreements
- Protect our rights, property or safety, or the rights, property or safety of our users, or others
- In the event that we become involved in a business divestiture, change of control, sale, merger, or acquisition of all or a part of our business, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets;
- If all or substantially all of our assets are acquired by a third party, in which case personal information held by it about its customers will be one of the transferred assets;
- If we are under a duty to disclose or share your personal information in order to comply with any legal or regulatory obligation;
- If necessary to protect the vital interests of a person; and to enforce or apply our terms and conditions or to establish, exercise or defend the rights of Diamante Store Limited, our staff, customers or others.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
When you contact us, we may keep a record of your communication to help solve any issues that you might be facing. Your information may be retained for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirement.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us by contacting us.
Security of Your Personal Data
The security of your personal information is important to us. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it.
We use appropriate measures to safeguard personally identifiable information, which measures are appropriate to the type of information maintained and follows applicable laws regarding the safeguarding of any such information under our control. In addition, in some areas of this Site, they may use encryption technology to enhance information privacy and help prevent loss, misuse, or alteration of the information under our control. We also employ industry-standard measures and processes for detecting and responding to inappropriate attempts to breach our systems.
No method of transmission over the Internet, or method of electronic storage, can be 100% secure. Therefore, we cannot guarantee the absolute security of your information. The Internet by its nature is a public forum, and we encourage you to use caution when disclosing information online. Often, you are in the best situation to protect yourself online. You are responsible for protecting your username and password from third party access, and for selecting passwords that are secure.
If you have any questions about security on this Site, you can contact us as provided in “Contacting us” below.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Subject to certain limitations, you have rights under data protection laws in relation to your personal data. These rights include the rights to:
- Request access to your personal data – (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. Note that we may refuse to comply with a request for access if the request is manifestly unfounded or excessive, or repetitive in nature.
- Request correction of your personal data – this enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. Note that we may refuse to comply with a request for correction if the request is manifestly unfounded or excessive, or repetitive in nature.
- Request erasure of your personal data – this enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note that we may refuse a request for erasure, for example, where the processing is necessary to comply with a legal obligation or necessary for the establishment, exercise or defence of legal claims.
- Request restriction of processing your personal data – this enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. Note that we may refuse to comply with a request for restriction if the request is manifestly unfounded or excessive, or repetitive in nature.
- Request transfer of your personal data – we will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies where your personal data is processed by us with your consent or for the performance of a contract and when processing is carried out by automated means.
- Right to withdraw consent – you can withdraw your consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Cookies from third parties – We currently use the following third party cookies:
Information we collect from you about your browsing behaviour
We collect, store and use information about your visits to this Sites and about your computer, tablet, mobile or other device through which you access this Site. This includes the following information:
- General non-personal information pertaining to users of this Site technical information, including the Internet protocol (IP) address, source domain names, specific web pages, length of time spent, and pages accessed, browser type, internet service provider, device identifier, your login information, time zone setting, browser plug-in types and versions, operating system and platform, and geographical location;
- Information about your visits and use of this Site, including the full Uniform Resource Locators (URL), clickstream to, through and from this Site, pages you viewed and searched for, page response times, length of visits to certain pages, referral source/exit pages, page interaction information (such as scrolling, clicks and mouse-overs), and website navigation and search terms used.
We use “Google Analytics” on this Site. This cookie provides us with a visitor count and an understanding of how visitors move around and use this Site. We can then use this information to improve navigability on this Site generally. The cookies we use on this Sites won’t collect personally identifiable information about you and we won’t disclose information stored in cookies that we place on your device to third parties.
We are obliged by Google Analytics to state the following:
IP Addresses and Aggregate Information
An Internet Protocol (“IP”) address is associated with your computer’s connection to the internet. We may use your IP address to help diagnose problems with our server, to administer this Site and to maintain contact with you as you navigate through the Site. Your computer’s IP address also may be used to provide you with information based upon your navigation through this Site.Aggregate information is used to measure the visitors’ interest in, and use of, various areas of this Site and the various programs that we administer. We will rely upon aggregate information, which is information that does not identify you, such as statistical and navigational information. With this aggregate information, we may undertake statistical and other summary analyses of the visitors’ behaviours and characteristics. Although we may share this aggregate information with third parties, none of this information will allow anyone to identify you, or to determine anything else personal about you.
The Site may, from time to time, contain links to and from the websites of our business partners, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.
Social Media and Online Engagement
We occasionally use a variety of new technologies and social media options to communicate and interact with customers, potential customers, employees and potential employees. These sites and applications include popular social networking and media sites, open source software communities and more. To better engage the public in ongoing dialog, certain of our businesses use certain third-party platforms including, but not limited to, Facebook, Twitter and LinkedIn. Third-Party Websites and Applications (TPWA) are Web-based technologies that are not exclusively operated or controlled by us. When interacting on those websites, you may reveal certain personal information to us or to third parties. Other than when used by our employees for the purpose of responding to a specific message or request, we will not use, share, or retain your personal information.
You have the right to make a complaint at any time with a supervisory authority, in particular in the EU (or EEA) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner (www.ico.org.uk)
If we receive formal written complaints, we will follow up with the person making the complaint. We work with the appropriate regulatory authorities to resolve any complaints that cannot be resolved directly. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Changes to this Policy
12 July 2018