By Hannah (“we,” “us,” or “our”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website (www.byhannah.uk) or interact with our services.
1. Information We Collect
We may collect and process the following types of personal information:
Contact Information: Name, email address, phone number, and other information you provide via contact forms or bookings.
Booking Information: Details about the services you book, such as bodywork treatments or bespoke getaways.
Payment Information: Billing details for processing payments (please note that we do not store payment information; these are processed securely through trusted third-party providers).
Website Usage Data: Information collected through cookies and analytics tools, such as IP address, browser type, and pages visited.
Sensitive Information: Health information or other details you provide when booking treatments or services.
2. How We Collect Your Information
We collect personal information when:
You fill out a contact or booking form on the website
You make a purchase or payment for services
You interact with the website (e.g., via cookies or Google Analytics)
You contact us via email, phone, or social media
You provide health or medical information as part of a consultation for treatments
3. How We Use Your Information
We use your information to:
Process bookings and payments for services
Respond to your enquiries or requests
Deliver personalised services, including bodywork treatments, bespoke getaways, or consultancy
Send updates about services or offerings (with your consent)
Improve the functionality of our website using analytics tools
Legal Bases for Processing:
We process your personal data on the following legal bases:
Your consent
The performance of a contract
Our legitimate interests in providing high-quality services and improving website functionality
Sensitive information (e.g., health details) is processed only with your explicit consent and solely for the purpose of providing the requested services.
4. Retention of Your Information
We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy or as required by law. For example:
Contact form submissions: Retained for up to 12 months unless further action is required
Booking and service-related data: Retained for up to 7 years to comply with legal and insurance requirements
Website usage data: Retained for up to 26 months, as per Google Analytics' standard settings
5. How We Protect Your Information
We take reasonable steps to protect your personal information from unauthorised access, loss, or misuse, including:
Secure payment processing through trusted third-party providers
Encrypted storage of sensitive data
Regular reviews of our data protection practices
6. Sharing Your Information
We only share your personal information with trusted third-party providers to deliver our services. We never sell, rent, or share your data for marketing purposes.
We may share your information in the following circumstances:
With trusted service providers: For bookings and appointment management, we use Fresha. Fresha processes your personal data (e.g., name, contact details, and booking history) to facilitate appointments. Payment processing is securely handled by Fresha and its payment providers. We do not store your payment details. For more information, please refer to Fresha’s privacy policy: https://www.fresha.com/privacy-policy.
When required by law: To comply with legal obligations or in response to lawful requests by public authorities
Our website integrates with third-party platforms such as Fresha. These platforms may collect and process your personal data. We encourage you to review their privacy policies to understand how your data is handled.
7. Cookies and Analytics
We use cookies and similar technologies on our website to enhance your experience, improve functionality, and analyse how the website is used. Cookies are small text files stored on your device that allow us to recognise your preferences, track site performance, and deliver personalised content.
We use the following types of cookies:
Essential Cookies: These are necessary for the functioning of our website (e.g., enabling bookings, secure payments, and maintaining website security)
Analytics Cookies: These help us understand how visitors use our website, such as which pages are viewed most often. For this purpose, we use tools like Google Analytics
Functionality Cookies: These enable additional features, such as remembering your preferences and enhancing your browsing experience
Our website also contains links to third-party websites, such as social media platforms (e.g., Instagram and LinkedIn). These platforms may collect data or use cookies when you interact with their content. We encourage you to review the privacy policies of these platforms to understand how your data is handled.
Managing Cookies
You can manage or disable cookies at any time through your browser settings. Please note that disabling cookies may affect the functionality of the website. You can also manage your cookie preferences through our cookie banner when visiting the website. For example, disabling cookies may prevent certain interactive features, such as booking forms, from functioning properly.
8. Data Transfers
Some of our third-party service providers may process data outside the UK/EEA. We ensure that appropriate safeguards, such as Standard Contractual Clauses (SCCs), which are approved under GDPR, are in place to protect your personal information when processed outside the UK/EEA.
9. Data Protection Compliance
We are registered with the Information Commissioner’s Office (ICO) under the Data Protection Act 2018, demonstrating our commitment to handling your personal data responsibly and in compliance with UK GDPR.
Our ICO Registration Number is: ZB766903.
10. Your Rights
You have the following rights regarding your personal information:
Access: Request a copy of the personal data we hold about you
Correction: Request corrections to inaccurate or incomplete data
Deletion: Request the deletion of your personal data (where it is no longer required for legal or contractual purposes)
Opt-Out: Unsubscribe from marketing emails at any time
Withdraw Consent: You have the right to withdraw your consent at any time, where processing is based on your consent (e.g., marketing communications or sensitive health data)
To exercise these rights, please contact us at hello@byhannah.uk.
11. Third-Party Links
Our website may contain links to third-party websites (e.g., booking platforms, social media). We are not responsible for the privacy practices of these websites and encourage you to review their privacy policies.
12. Updates to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with the updated effective date.
13. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at: hello@byhannah.uk