Skin Matters Ltd. is dedicated to keeping our clients and their information safe.
Updated 28th December 2020.
These regulations aim to increase the accountability of organisations who handle personal data. Individuals are granted specific rights regarding their personal information, and how it is collected, stored, used, shared and protected. You can read more about the GDPR requirements on the Information Commissioner’s Office website.
We’ve tried to make this policy as transparent and ‘readable’ as possible. If you don’t understand any part of it, think that something in this policy is wrong or missing, or have any questions regarding your personal data, please contact us.
We, us – this business (Skin Matters) and the people directly involved in running it.
Our website or site – this website.
Client – any person who uses our services.
Visitors – any person who visits our website or social media profiles.
Our services – bespoke beauty and skin health treatments.
Our products - range of skin care products, usually sold in person to clients.
The type of personal information we collect
Names and email addresses via a contact form on our website.
Name and phone number when someone makes a general enquiry by phone.
Name, phone number, email address and relevant medical or skin health history when someone attends an initial consultation and becomes a client.
IP addresses, location (by country), browser type and other web analytics data when someone visits our website.
Basic contact details (usually name and email adddress) when we run online competitions or interactive promotions our blog, Facebook page or other social media accounts.
Public profile name and other information when someone comments on or otherwise interacts with a post on one of our social media accounts.
Name and email address and marketing preferences when someone subscribes to our newsletter.
Name, address, phone number, email address and work and/or education history when someone applies for an employment or training position with us.
Name, address, phone number when a purchase is made via our online shop.
How we collect personal information
We collect personal information directly when you provide it to us – as described above; automatically as you navigate through the website, or when you interact with social media or blog posts.
Personal information we collect about you from others
Although we generally collect personal information directly from you, on occasion, we also collect certain categories of personal information about you from other sources. In particular:
Financial and/or transaction details from our payment provider PaySafe (located in the UK) in order to process or record a transaction.
Booking details and communications via our booking System software provider MindBody Inc (based in the US) used to manage client appointments.
Third party service providers (like Google and Facebook) who are located in the US, which may provide basic browsing information as you navigate through our site, or other information when you interact with our social media profiles. This information varies and is controlled by that service provider or as authorized by you via your privacy settings at that service provider.
Why we collect your personal information
We need to collect and use your personal information:
To fulfil our contractual obligations to our clients and to carry out our services.
To process payments for fulfilled contractual services..
To verify identity and prevent unauthorised access to to website or services.
To monitor visitor traffic to our site and to secure our site against malicious human and automated visitors.
We also need to collect personal information where this is necessary for purposes which are in our legitimate interests.
These interests include:
Operating our website and our business.
Protecting our website.
Protecting our staff.
Providing you with services described on the website and other marketing materials.
Verifying your identity when you sign in to any of our online services.
Responding to enquiries, and helping facilitate the resolution of any disputes.
Updating you with operational news and information about our services e.g. to notify clients about new services or holiday dates.
Carrying out technical analysis to determine how to improve our website and the services we provide, or resolve any technical problems.
Monitoring activity on this websites, in order to identify potential fraudulent activity and prevent spam and ‘hacking’.
Managing our relationship with you, e.g. by responding to your comments or queries submitted to us or asking for your feedback.
Managing our legal and operational affairs (including, managing risks relating to safeguarding and content and fraud matters).
Improving our products and services.
Providing general administrative and performance functions and activities.
We may be required by law to collect personal information when responding to requests by government, a court of law, or law enforcement authorities conducting an investigation.
When we disclose your personal information
We do not usually need to disclose your personal information to any third party in order to deliver our services.
There may be certain circumstances in which we need to disclose your personal information, for example:
To regulators and government authorities in connection with our compliance procedures and obligations.
A purchaser or prospective purchaser of all or part of our assets or our business, and their professional advisers, in connection with the purchase.
A third party to respond to requests relating to a criminal investigation or alleged or suspected illegal activity.
A third party, in order to enforce or defend our rights, or to address financial or reputational risks.
A rights holder in relation to an allegation of intellectual property infringement or any other infringement.
Other recipients where we are authorised or required by law to do so.
Where we transfer and/or store your personal information
We are based in the United Kingdom, and your local data is processed and stored in a single location (a private office) in the United Kingdom. Personal data provided to third parties (eg our payment or bookings system providers) are stored according to their Privacy Policies and procedures.
How we keep your personal information secure
We do our best to keep all information secure, especially any personal data. Most of our data is kept in digital form. All digital personal information (including names, addresses, telephone numbers and email addresses) is stored on a protected local computer network, to which only people engaged in activities directly relating to the business have access. The internet connection, local area network (LAN), computer terminals and documents containing personal data are all password protected and never routinely shared via email or stored on ‘cloud’ services.
Our website is secured by an SSL Certificate which uses end to end encryption on every page. We have a website security package which includes a firewall, ‘brute force’ attack protection, file system and database enhanced security and an instant alert system which notifies us of any unexpected changes to our website files and database.
Our website and mail servers are located in a UK-based data centre with biometric passkeys and 24/7 security.
We also collect personal data in hard copy form, usually during an initial consultation when we’re collecting information in order to assess a client's skin health condition, and provide the requested or recommended series of treatments. These documents are kept in a single private office location, in a locked cabinet to which only Skin Matters personnel have access.
Third Party Services
We occasionally use third party services as part of providing services to our clients. Some of these have access to your personal information – either provided by us or by you. These third parties include:
Communications regarding your personal information
Where we have your consent to do so (e.g. if you have subscribed to our email newsletter), we send you communications by email about products and services that we feel may be of interest to you. You can ‘opt-out’ of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided at the bottom of the communication itself.
You also have choices about cookies. By modifying your browser preferences, you have the choice to accept all cookies, to be notified when a cookie is set, or to reject all cookies. If you choose to reject cookies some parts of our sites may not work properly in your case. You can find out more about what cookies are at the All About Cookies website.
Cookies and web analytics
Your IP address or proxy server IP address
The domain name you requested
The name of your internet service provider is sometimes captured depending on the configuration of your ISP connection
The date and time of your visit to the website
The length of your session
The pages which you have accessed
The number of times you access our site within any month
The file URL you look at and information relating to it
The website which referred you to our site
The operating system which your computer uses.
We may sometimes place cookie-based analytics and tracking code (eg Google Analytics tracking code and Facebook ‘pixels’) on our website, and there are cookies within the website framework, and for this reason we include a ‘Cookies Declaration’ (in accordance with the PECR 2011).
How you can access your personal information
Under the GDPR guidelines, you have the right to:
Request access to the personal data we hold about you.
Request corrections of any errors in that data.
Request erasure of the personal data we hold about you.
To make any of these requests, please contact us via email@example.com.
Information about children
Our website and services are not suitable for children under the age of 16 years, so if you are under 16 we ask that you do not use our website or give us your personal information.
If you are from 16 to 18 years, you can browse our site but you’ll need the supervision of a parent or guardian. We don't accept clients under the age of 18. It’s the responsibility of parents or guardians to monitor their children’s use of our website.
Information you make public or give to others
How long we keep your personal information
When we need to update this policy
We will need to change this policy from time to time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices. When we do change the policy, we’ll notify you about the changes, via our newsletter (if we have your consent) or here on this page. A copy of the latest version of this policy will always be available on this page.
How you can contact us
If you have any questions about our privacy practices or the way in which we have been managing your personal information, please contact us via firstname.lastname@example.org. Alternatively, you can write to us at: Skin Matters, 119B Portland Road, London, W11 4LN.
If you have unresolved concerns you also have the right to complain to data protection authorities. In the UK, the relevant authority is the Information Commissioner’s Office.
We’re really glad you made it to the end of this policy, because knowing how your personal information is used is a step towards keeping your data secure!
Terms and Conditions
(2) Licence to use website
Unless otherwise stated, we or our licensors own the intellectual property rights in the website and material on the website. Subject to the licence below, all these intellectual property rights are reserved.
You must not:
(a) republish material from this website (including republication on another website);
(b) sell, rent or sub-license material from the website;
(c) show any material from the website in public;
(d) reproduce, duplicate, copy or otherwise exploit material on our website for a commercial purpose;
(e) edit or otherwise modify any material on the website;
(3) Acceptable use
You must not use our website in any way that causes, or may cause, damage to the website or impairment of the availability or accessibility of the website; or in any way which is unlawful, illegal, fraudulent or harmful, or in connection with any unlawful, illegal, fraudulent or harmful purpose or activity.
You must not use our website to copy, store, host, transmit, send, use, publish or distribute any material which consists of (or is linked to) any spyware, computer virus, Trojan horse, worm, keystroke logger, rootkit or other malicious computer software.
You must not conduct any systematic or automated data collection activities (including without limitation scraping, data mining, data extraction and data harvesting) on or in relation to our website without our express written consent.
You must not use our website to transmit or send unsolicited commercial communications.
You must not use our website for any purposes related to marketing without our express written consent.
(4) Restricted access
We reserve the right to restrict access to areas of our website, or indeed our whole website, at our discretion.
If we provide you with a user ID and password to enable you to access restricted areas of our website or other content or services, you must ensure that that user ID and password is kept confidential.
You must notify us in writing immediately if you become aware of any unauthorised use of your account or password.
You are responsible for any activity on our website arising out of any failure to keep your password confidential, and may be held liable for any losses arising out of such a failure.
You must not use any other person’s user ID and password to access our website, unless you have that person’s express permission to do so.
We may disable your user ID and password in our sole discretion without notice or explanation.
(5) Limited warranties
We do not warrant the completeness or accuracy of the information published on this website; nor do we commit to ensuring that the website remains available or that the material on the website is kept up-to-date.
To the maximum extent permitted by applicable law we exclude all representations, warranties and conditions relating to this website and the use of this website (including, without limitation, any warranties implied by law of satisfactory quality, fitness for purpose and/or the use of reasonable care and skill).
(6) Limitations and exclusions of liability
To the extent that the website and the information and services on the website are provided free-of-charge, we will not be liable for any loss or damage of any nature.
We will not be liable to you in respect of any losses arising out of any event or events beyond our reasonable control.
We will not be liable to you in respect of any business losses, including (without limitation) loss of or damage to profits, income, revenue, use, production, anticipated savings, business, contracts, commercial opportunities or goodwill.
We will not be liable to you in respect of any loss or corruption of any data, database or software.
We will not be liable to you in respect of any special, indirect or consequential loss or damage.
(12) Exclusion of third party rights
(13) Entire agreement
(14) Law and jurisdiction
(15) Our details
The full name of our company is Skin Matters.
We are registered in England & Wales as a sole trader business.
The proprietor is Joanne Evans.
You can contact us at any time via the following methods:
Phone: 020 7792 6999
Mail: Skin Matters Ltd. 119B Portland Road, London, W11 4LN
Last Updated: 28/12/2020
(1) Ownership of copyright
The copyright in this website and the material on this website (including without limitation the text, computer code, artwork, photographs, images, music, audio material, video material and audio-visual material on this website) is owned by us and our licensors.
(2) Copyright licence
We grant to you a worldwide non-exclusive royalty-free revocable licence to:
(a) view this website and the material on this website on a computer or mobile device via a web browser;
(b) copy and store this website and the material on this website in your web browser cache memory; and
(c) print pages from this website for your own personal and non-commercial use.
We do not grant you any other rights in relation to this website or the material on this website. In other words, all other rights are reserved.
For the avoidance of doubt, you must not adapt, edit, change, transform, publish, republish, distribute, redistribute, broadcast, rebroadcast or show or play in public this website or the material on this website (in any form or media) without our prior written permission.
(3) Data mining
The automated and/or systematic collection of data from this website is prohibited.
You may request permission to use the copyright materials on this website by contacting us.
(5) Enforcement of copyright
We take the protection of our copyright very seriously.
If we discover that you have used our copyright materials in contravention of the licence above, we may bring legal proceedings against you seeking monetary damages and an injunction to stop you using those materials. You could also be ordered to pay legal costs.
If you become aware of any use of our copyright materials that contravenes or may contravene the licence above, please report this by email here.
(6) Infringing material
If you become aware of any material on our website that you believe infringes your or any other person’s copyright, please report this by email here.