
This checklist will help to make sure your Salon Website and Online Marketing meet the stricter GDPR data protection rules that come into effect on 25th May 2018.

First, an obligatory disclaimer to satisfy our lawyer: we’re not lawyers and what follows isn’t legal advice. We have a vested interest in your success under the GDPR, but if you need concrete legal counsel, talk to a lawyer. This is not an exhaustive list, but it is based on our considerable experience gained from helping over 130 salons in the UK and worldwide with data compliance.


Get our expert GDPR advice FREE of charge.

Request a call from Phil Evans, MD of Salon Guru, for guidance. This is NOT a sales call – we are glad to help.

Salon Checklist for GDPR | Do you comply? | Salon Guru websites comply
     
Data Inventory
What data do I process and for what purpose? Make a list of each place you request and save any personal data. E.g. forms, comments, surveys, offers, newsletter sign-ups etc.
     
Use of third parties – includes self-employed staff
Do you share data with others? Make a list of who and where they are based.
E.g. self-employed staff, PayPal, other payment processors, salon software, Google, Facebook, email software, mailshot software, your web company, online storage.
     
Privacy Policy
Do you have a GDPR compliant Privacy Notice on your website?
It needs to be linked to on every page.
     
Cookie Policy
Do you have a GDPR compliant Cookie Notice on your website?
It needs to be linked to on every page.
     
Opt ins
Have you added Opt In wording to your online sign up boxes?
Ensure that all sign up boxes on your website that collect email addresses have GDPR compliant opt in wording and a link to your Privacy Notice. E.g. newsletters, offers, online store, online booking.
     
Send your new Privacy Policy to Clients
Include in all future emails links to your new Privacy Policy and the option to unsubscribe or resubscribe.
 
Do I have consent for emails?
If you do not have explicit compliant consent, email your list for fresh consent.
 
Do you have a system for withdrawal of consent?
GDPR requires you to keep records of opt outs. Does your email marketing system manage this for you?
 
Do you have Processor Agreements with the third parties?
It is mandatory to have a written agreement with your third party processor (e.g. website software providers etc.).
 
Do you have a Data Request system?
Clients must be offered a system to ask what data you hold for them and to be able to request removal.
 
Do you have a system for data breach notification?
If there is a data breach, you must notify the ICO within 72 hours of the breach.
 
Is your insurance adequate?
Contact your insurance broker to discuss any increased liability due to GDPR.
 
Have you reviewed the security of your data?
You should assess all aspects of security related to your online activities. Is your website a secure site (HTTPS)?