It only seems like five minutes since the General Data Protection Regulation (GDPR) came into force across the European Union (EU), sending countless business owners into a mad panic about the way they manage sensitive personal data about their customers and employees. Yet here we are, months down the line and still, many of those businesses haven’t yet taken the necessary steps to ensure they’re compliant with what is often referred to as the biggest change in data protection laws for 20 years.
If you’re one of them, don’t worry, we get it.
Between looking after your customers, managing staff and taking care of the thousands of little tasks that come as part and parcel of running your own salon business, you’ve got enough on your plate without worrying about privacy policies and fair processing notices.
So it’s understandable, sure, but that doesn’t mean you should risk leaving your GDPR duties much longer. The fines for non-compliance can be pretty severe, and the Information Commissioner’s Office (the organisation responsible for overseeing GDPR in the UK) isn’t playing around when it comes to dishing those fines out when they need to.
That’s the bad news. Now, here’s the good news: even months after GDPR came into effect, it’s still not too late to ensure your salon is fully compliant. Better yet, doing so doesn’t have to be half as long, or half as complicated as it might first seem.
Here, we’ve put together your complete, easy-to-follow GDPR compliance checklist for salons, looking at everything you need to know to ensure you’re bang up-to-date with the new law. Before we get into that, however, let’s take a moment to address some of the major concerns raised by the salon owners we’ve chatted to about GDPR.
I was already complying with the Data Protection Act – why do I need to bother with GDPR?
When the Data Protection Act (DPA) 1998 first came into force back in the late ’90s, it was perfectly good enough for that time period. 20 years down the line and things have changed dramatically. The way we collect, use and manage data is drastically different from what it was back in the ’90s, which means the DPA isn’t really fit for purpose any more.
The same applies to similar data protection laws in other EU member states. That’s why GDPR was created in the first place.
It’s designed to make data protection law relevant and appropriate for the modern digital age by replacing outdated legislation like the DPA. In other words, the 1998 version of the Data Protection Act as you once knew it is no longer the legislation that governs data protection in this country, which is why you need to ensure your salon is GDPR compliant.
That said, you don’t necessarily have to start from scratch.
If you were already taking steps to ensure your business was compliant with the DPA, then you’ve already done much of the hard work needed to ensure you’re compliant with GDPR. Still, that doesn’t mean you can afford to ignore GDPR altogether. There are still some differences, and it’s important to pay attention to them if you’re to keep the Information Commissioner’s Office (ICO) from showing up at your salon with a nasty fine.
Brexit is happening next year: Won’t that make all of this redundant?
No, it won’t. In the United Kingdom, GDPR is enforced by an updated Data Protection Act 2018. That mainly mirrors what’s in GDPR, and will continue to be the governing data protection law once we finally pack our bags and ship out of the EU next March.
So, if you’re going to keep your business in the ICO’s good books, you’ll need to tackle your GDPR tasks now and keep that level of compliance even after Brexit.
Okay, so what do I need to do to create a GDPR-compliant salon?
Though it can seem like a lot, working your way through this simple GDPR checklist is the easiest way to ensure you’re sticking to the rules.
Take inventory of your data
Just as you probably take stock of your essential supplies and any products you might sell in your salon, the ICO encourages you to also take stock of all the data you currently hold.
That means data not only relating to your clients, but also to employees, suppliers, and anyone else relating to your business.
As you go about creating this inventory, you’ll need to assess your data and determine whether or not you really need to keep it, and if you’re legally allowed to store it.
Some questions you’ll need to ask include:
- What kinds of information do we collect and store?
- Are we collecting and storing it only for a valid reason?
- Are we keeping that information only for as long as is really necessary?
- Are we doing enough to ensure that the information we store can only be accessed by people who need to access it to do their jobs?
- Are we doing enough to ensure that the information is only being used for its intended purpose?
- Do we share this information with any third parties? If so, why? Should we still be doing this?
Doing this will help you determine exactly what you’re allowed to keep and what you should be looking to get rid of.
It will also prove to be highly effective in ensuring that when you do store and collect any data, it’s done so in accordance with GDPR.
All of the remaining items on this checklist should be applied to any and all types of data that you process.
Understand lawful basis
The concept of “Lawful Basis” is the very foundation upon which GDPR is built. It basically means that you’re only allowed to collect and process any and all kinds of personal data if you can prove that you have a lawful reason to do so.
The regulation lists six different kinds of lawful basis that you can use. These are:
- Consent: the data subject has given you consent to use their data for a specific purpose
- Contract: you need to use the data to fulfil a specific part of a contract agreement
- Legal obligation: you need to process data to comply with the law
- Legitimate interest: you need to process data in order to perform a legitimate function for your business
- Public task: you need to process data in order to carry out an official public duty
- Vital interest: you need to process data to save or protect a person’s life
To be honest, as a salon owner, most of these aren’t going to apply to you. Public task, for example, is primarily about using data in a governmental agency. For your business, the one lawful basis that is most applicable is that of consent.
Check & update the way you gain consent
For the purposes of GDPR compliance, consent means that you can use a person’s data only for the purposes that they have given you their express consent for. This also relates to any information that you’ve collected before GDPR came into play.
For example, if you collect a customer’s email address or telephone number when they book an appointment, you could claim that the lawful basis for collecting that data is that of Legitimate Interest if you use it to send a confirmation or an appointment reminder. However, you can’t then simply decide to add that customer’s details to your marketing list so you can send them your latest special offers.
This is unlikely to be considered a legitimate interest, and would instead need you to gain the person’s express consent to use their data for that purpose. If you’re ever in doubt about which lawful basis to use when collecting data, consent is typically the best one to go for as it makes it absolutely clear that you have outright consent to use data for a specific purpose.
With that in mind, now is the time to look at the way you gather data and ensure that where you are using consent, you’re doing so in accordance with three rules:
- That you’re obtaining the data fairly
- That you’re gaining explicit consent to use the data given for a specific purpose
- That you make it clear to the individual how they can withdraw their consent should they need to
Update your IT security
When you run a salon, it’s easy to overlook IT as having much of an impact on your business. Yet if you keep your customer records in a spreadsheet or database, if you use mailing lists and email programmes, and if you use tools like laptops and iPads in your business, then yes, IT security is just as important to you as it would be if you ran an office.
Tasks you’ll need to look at here include:
- Ensuring all the personal data you store is fully encrypted. Tech blogs like The Next Web and PC World have lots of advice about encryption tools you can use
- Ensuring you’ve got sufficient anti-virus and anti-malware software installed on your devices
- Creating a secure, off-site back-up of your data so that you can always get data back if it’s lost or stolen. Using cloud backup services may be a good option for you in this instance
- Adding an SSL certificate to your website to ensure that any data customers send to you via contact or payment forms is fully encrypted
Train & educate your staff on GDPR
At its heart, GDPR is all about ensuring individuals’ data is safe and well protected against a potential breach. Yet even if you employ some super IT guru to install the latest cutting-edge security tools on your laptop, there’s always the chance that one wrong click of a mouse from one of your staff could land you in hot water.
In fact, statistics released by the ICO show that four out of the five top causes of data breaches are all down to human error. With that in mind, now’s a good time to ensure that anyone working in your salon is fully informed as to how GDPR impacts their work and what they need to be doing in order to ensure your business remains compliant.
Create your privacy notice
A privacy notice can be a straightforward document that outlines some key details about the way you process data. At a minimum, it should include:
- The name of your business
- The reasons you collect data
- What lawful basis you have to collect that data
- Who that data will be shared with (such as employees or suppliers) and what grounds you have to share it
Prepare how you’ll respond to data requests or breaches
Your privacy notice should also inform people of their personal data rights, such as the right to request a copy of the information you hold about them or the right to have that information deleted. With that in mind, it pays to prepare for such requests in advance.
If a customer asks to see the data you hold about them, would you know how to get them a copy in a format that’s suitable for them? On a related note, it pays to be prepared for the worst possible eventuality:
A data breach.
GDPR states that if such a breach occurs, you need to report it to the relevant authority (in this case, the ICO) within the first 72 hours of discovering the breach. Ideally, however, it’s always better to report it within the first 24 hours. As you go through your salon’s GDPR compliance checklist then, ensure that you’d know how to identify a data breach and how you’d handle it should one occur.
How has GDPR affected your salon business? What’s been the biggest challenge you’ve faced in ensuring you’re fully compliant with the new GDPR protection law? Share your experiences with us and other salon owners through Facebook and Twitter.
Salon Gold provides insurance for salons. For further information, please visit our Salon Insurance page.