The new Data Protection law (GDPR) for Salons

The new Data Protection law (GDPR) for Salons

You may have heard that from 25th May 2018 much more rigorous Data Protection laws are being introduced in the EU and UK.   The 2 key elements are:

1.       Consent must be given by all clients for you to store and use their data (name, phone, address etc.). Permission must be explicit i.e. they MUST tick a Yes box. That permission then needs to be stored as proof.

2.       Print and Forget – clients can request the information you store about them is sent to them as a printed document and can ask for that the information to be deleted (forgotten).

Most of your client data will be stored on your salon software system, so your first and most important task is to check that your software provider has produced detailed plans for how they will handle the issues.

If you use Salon IQ you will find more info here

If you use Phorest you will find more info here

GDPR and Salon Guru

We use a lot of client data exported from your software to send emails. From May we will need new exports for ONLY those clients who have given explicit permission. These will be GDPR clean lists – i.e. OK to use.

You will need to export and send to us a client list that updates the Permissions regularly.  We suggest a new/replacement full client list at the start of each month.

We also have other data lists stored that are not from your in-salon software…

  • Late deals claimed/sold
  • Sign up forms for vouchers, news, consultations
  • Wifi logins
  • Reviews

Salon Guru will add the new explicit permission question to ALL places we save data and we will only use those names/emails from May.

But, we also want to get approval from as many “old data” records as possible. So during April/May Salon Guru will be emailing old lists to ask for their permission to continue sending emails.

In summary…

You need to be aware of the plans from your software company.

You will need to send us new exports of client data each month.

We will update every place we save data.

We will contact all clients from old lists to ask for permission.

We will add a Data Protection Policies page to all sites that you can edit.