1. Introduction

This GDPR Compliance Policy (“Policy”) outlines how ExceptionalBeauty.co.uk (referred to as “we,” “our,” or “us”) collects, uses, processes, and protects personal data obtained through our website at [Website URL] (the “Website”). We are committed to ensuring that any personal data we collect and process complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Definitions

Personal Data: Any information relating to an identified or identifiable natural person (“Data Subject”).
Data Controller: The entity responsible for determining the purposes and means of processing personal data.
Data Processor: An entity that processes personal data on behalf of the Data Controller.

3. Data Controller Information

The Data Controller responsible for processing personal data collected through the Website is:

ExceptionalBeauty.co.uk, Holloway Road, London, Greater London. N19 4DJ United Kingdom. Email – info@exceptionalbeauty.co.uk

4. Legal Basis for Data Processing

We will only process personal data when we have a legal basis to do so, which may include:

Consent: We obtain clear and explicit consent when required.
Contractual Obligation: Processing is necessary for the performance of a contract with the Data Subject.
Legal Obligation: Processing is necessary to comply with legal obligations.
Legitimate Interests: Processing is based on our legitimate interests, provided that the Data Subject’s interests or fundamental rights and freedoms do not override those interests.

5. Purposes of Data Processing

We process personal data for specific, explicit, and legitimate purposes, including but not limited to:

Providing requested information or services.
Sending marketing communications (with explicit consent).
Analyzing and improving the Website’s performance.
Complying with legal obligations.

6. Data Subject Rights

Data Subjects have the following rights:

Right to access: Data Subjects can request access to their personal data.
Right to rectification: Data Subjects can request corrections to inaccurate or incomplete data.
Right to erasure: Data Subjects can request the deletion of their data.
Right to object: Data Subjects can object to certain processing activities.
Right to data portability: Data Subjects can request their data in a structured, commonly used, and machine-readable format.

7. Data Security

We implement appropriate technical and organizational measures to ensure the security and confidentiality of personal data. This includes encryption, access controls, and regular security assessments.

8. Data Transfers

We may transfer personal data to third parties, including service providers, in compliance with GDPR requirements. When transferring data outside the EU/EEA, we will ensure adequate safeguards are in place.

9. Data Breach Notification

In the event of a data breach, we will promptly notify the relevant authorities and affected Data Subjects as required by GDPR.

10. Contact Information

If you have questions, concerns, or requests regarding your personal data or this Policy, please contact us at info@exceptionalbeauty.co.uk.

11. Changes to the Policy

We reserve the right to modify or update this GDPR Compliance Policy at any time. Any changes will be posted on this page with a revised “Last Updated” date.

12. Governing Law

This Policy is governed by and construed in accordance with the laws of the United Kingdom, and any disputes arising from or related to this Policy shall be subject to the exclusive jurisdiction of the courts in the United Kingdom.

Effective Date: 30-10-2023

GDPR Compliance Policy