Privacy Policy | Dalila Hairdressing

Introduction

Dalila Hairdressing ("we", "us", "our", "the Salon") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you visit our salon, use our services, or interact with our website at https://dalilahairdressing.com.

This policy complies with the General Data Protection Regulation (GDPR) and Dutch data protection laws. By using our services or website, you consent to the data practices described in this policy.

Contact Information

Dalila Hairdressing
Voorbaan 60
1271 WS Huizen
The Netherlands
Phone: 0634005006
Email: admin@dalilahairdressing.com

Personal Data We Collect

Information You Provide Directly

When you book appointments or use our services, we collect:

Personal Identification: Full name, date of birth, gender
Contact Information: Email address, phone number, mailing address
Appointment Details: Service preferences, booking dates and times, stylist preferences
Payment Information: Billing information, payment method (processed securely through third-party payment processors)
Service History: Records of services performed, products used, color formulas, notes about preferences
Health Information: Allergies, sensitivities, medical conditions affecting hair services, medications, pregnancy status (where disclosed for service safety)
Photos: Before/after photos of hairstyles (with your consent)
Communication Records: Correspondence via email, phone, or messaging

Information We Collect Automatically

When you visit our website, we automatically collect:

Technical Data: IP address, browser type and version, device type, operating system
Usage Data: Pages visited, time spent on pages, links clicked, referral source
Location Data: General geographic location based on IP address
Cookie Data: Information collected through cookies and similar technologies (see Cookie Policy section)

How We Use Your Personal Data

We process your personal data for the following purposes:

Service Delivery (Legal Basis: Contract Performance)

Schedule and manage your appointments
Perform the salon services you request
Process payments and maintain financial records
Maintain accurate service history and preferences
Contact you regarding your appointments
Ensure service safety based on disclosed health information

Business Operations (Legal Basis: Legitimate Interest)

Maintain client records and service history
Improve our services and customer experience
Analyze business performance and customer preferences
Manage gift vouchers and loyalty programs
Handle complaints and resolve disputes
Protect against fraud and ensure security

Marketing and Communications (Legal Basis: Consent)

Send newsletters, promotional offers, and updates about our services
Share before/after photos on social media and marketing materials (with explicit consent)
Inform you about new services, products, or special offers
Send appointment reminders and follow-up communications

Legal Compliance (Legal Basis: Legal Obligation)

Comply with accounting, tax, and legal requirements
Respond to legal requests and prevent illegal activities
Maintain records as required by law
Protect our legal rights and enforce our terms

Health and Sensitive Data

We may collect and process sensitive personal data (special category data under GDPR) including health information, allergies, and medical conditions. We only process this data with your explicit consent and solely for the purpose of providing safe salon services.

This information is kept strictly confidential, stored securely, and only accessed by authorized salon personnel who need it to perform services safely.

Data Retention

We retain your personal data for the following periods:

Client Records and Service History: 7 years from last service (for business records and legal compliance)
Financial Records: 7 years (as required by Dutch tax law)
Marketing Consent: Until you withdraw consent or 2 years of inactivity
Website Analytics: 24 months maximum
CCTV Footage (if applicable): 30 days maximum
Complaint Records: 7 years from resolution

After these periods, we will securely delete or anonymize your data unless we are legally required to retain it longer.

How We Share Your Data

Dalila Hairdressing does not sell your personal data to third parties.

We may share your data with:

Service Providers

Booking Systems: Salonized or similar appointment management platforms
Payment Processors: Secure payment gateways for processing transactions
Email Marketing: Newsletter and email service providers (only if you've consented to marketing)
Website Hosting: Netlify for website hosting and infrastructure
Analytics: Website analytics services to understand user behavior

All third-party service providers are contractually bound to protect your data and may only use it for the purposes we specify.

Legal Requirements

We may disclose your data when required by law, such as:

In response to court orders, subpoenas, or legal processes
To comply with tax and accounting regulations
To protect our rights, property, or safety, or that of others
To prevent fraud or illegal activities

Business Transfers

If our business is sold, merged, or restructured, your personal data may be transferred to the new owner, who will be required to protect it under the same terms as this policy.

Cookie Policy

What Are Cookies?

Cookies are small text files placed on your device when you visit our website. They help us provide a better user experience and understand how our website is used.

Types of Cookies We Use

Essential Cookies

Required for the website to function properly. These include session cookies and security cookies. You cannot opt out of these cookies.

Functional Cookies

Remember your preferences and choices (e.g., language preferences). Retention: Up to 1 year.

Analytics Cookies

Help us understand how visitors use our website. We use these to improve our site. Retention: 24 hours to 2 years.

Google Analytics (anonymized IP)
Website performance monitoring

Marketing Cookies

Track your browsing behavior to show relevant advertisements. Retention: Up to 90 days.

Social media integration (Instagram, Facebook)
Advertising campaign tracking

Managing Cookies

You can manage or disable cookies through your browser settings. Note that disabling cookies may affect website functionality. On your first visit, you'll see a cookie consent banner where you can accept or customize your cookie preferences.

Automated Decision-Making

We may use automated systems (such as Salonized) for appointment scheduling and reminders. These systems make automated decisions about appointment availability and send automated communications. You have the right to request human intervention in these decisions.

International Data Transfers

Our website is hosted on Netlify's global infrastructure. The exact hosting location may vary depending on Netlify's content delivery network. Some third-party service providers may process data outside the European Economic Area (EEA). When this occurs, we ensure that:

The transfer is to countries with adequate data protection (as determined by the European Commission)
Appropriate safeguards are in place (such as Standard Contractual Clauses)
Your data receives equivalent protection to that required by GDPR

Your Rights Under GDPR

You have the following rights regarding your personal data:

Right of Access

You can request a copy of all personal data we hold about you, including service history, contact information, and any photos.

Right to Rectification

You can request that we correct any inaccurate or incomplete personal data.

Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data, except where we must retain it for legal compliance (e.g., financial records).

Right to Restriction of Processing

You can request that we limit how we use your data in certain circumstances.

Right to Data Portability

You can request your data in a structured, commonly used format to transfer to another service provider.

Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent

Where we process data based on consent (e.g., marketing, photos), you can withdraw consent at any time without affecting prior processing.

How to Exercise Your Rights

To exercise any of these rights, contact us at:

Email: admin@dalilahairdressing.com
Phone: 0634005006
In person: Voorbaan 60, 1271 WS Huizen, The Netherlands

We will respond to your request within one month. We may need to verify your identity before processing your request.

Marketing Communications

We will only send you marketing communications if you have opted in to receive them. You can opt out at any time by:

Clicking the "unsubscribe" link in any marketing email
Contacting us directly to remove you from marketing lists
Updating your preferences in your account (if applicable)

Opting out of marketing does not affect service-related communications (appointment confirmations, reminders, etc.).

Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

Secure storage of physical records in locked cabinets
Password-protected electronic systems
Encrypted data transmission (SSL/TLS)
Access controls limiting who can view personal data
Regular security assessments
Staff training on data protection
Secure payment processing through PCI-compliant providers

While we take reasonable precautions, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

Notify the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) within 72 hours
Notify affected individuals without undue delay
Provide information about the breach, its likely consequences, and mitigation measures

Children's Privacy

Our website and services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16 without parental consent.

For salon services provided to minors, we require a parent or guardian to provide consent and accompanying information on their behalf.

Photography and Social Media

Before taking photos of your hairstyle or posting them on social media or marketing materials, we will:

Obtain your explicit written or verbal consent
Inform you where the photos will be used (website, Instagram, Facebook, etc.)
Not include personally identifiable information (full name) unless you specifically consent
Allow you to withdraw consent at any time (though we may not be able to remove photos already shared publicly)

Third-Party Websites

Our website may contain links to third-party websites (booking systems, social media, etc.). This Privacy Policy does not cover those sites. We encourage you to read their privacy policies before providing any personal information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. When we make significant changes, we will:

Update the "Last updated" date at the top of this policy
Notify you via email if we have your contact information (for material changes)
Post a notice on our website

Continued use of our services after changes indicates acceptance of the updated policy.

Complaints and Supervisory Authority

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the Dutch Data Protection Authority:

Autoriteit Persoonsgegevens
Postbus 93374
2509 AJ Den Haag
The Netherlands
Phone: (+31) - (0)70 - 888 85 00
Website: autoriteitpersoonsgegevens.nl

We encourage you to contact us first so we can address your concerns directly.

Questions and Contact

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:

Dalila Hairdressing
Voorbaan 60
1271 WS Huizen
The Netherlands
Phone: 0634005006
Email: admin@dalilahairdressing.com