Limited Edition Tattoo Studios Ltd - General Data Protection Regulation Policy Statement
Limited Edition Tattoo Studios Ltd (Company 07021178) has been operating since 2010 and have over 40 years combined experience between our artists working in the tattoo, piercing and body modification industry (including treatments such as laser tattoo reduction). Based in Doncaster, we offer a broad range of tattooing, design work, body piercing and laser reduction to clients in South Yorkshire and beyond.
The business is run with the trading name Limited Edition Tattoo Studio.
As an essential part of our business, we have to collect and manage customer information. In doing so,we observe the UK Data Protection legislation, and are committed to protecting and respecting
customers’ and non-customers’ privacy and rights. Specifically, we act as a “Data Controller” in respect of the information gathered and processed by us, and act in a fair, transparent and accountable manner.
In order that you are reliably informed about how we operate, we have developed this statement, which describes the ways in which we collect, manage, process, and store information about you, in order to provide you with our high level of customer service. This privacy notice also provides you with information about how you can have control over the use of your data.
This document sets out your rights of privacy under the GDPR [General Data Protection Regulation] after 25 May 2018 and how Limited Edition Tattoo Studios Ltd as a company meet the compliancy requirements.
If you have any comments or queries regarding our use of your data, please contact the studio owner, Beth Cust Firth via email at: firstname.lastname@example.org or write to us at:
FAO: Beth Cust Firth, Limited Edition Tattoo Studio, 37-38 High Street, Doncaster, DN1 1DL
What information do we collect about you?
Under the new GDPR coming into force at the end of May 2018, We are required by law to document
what personal information we keep for all customers, whether they are one off or regular clients.
When booking an appointment with Limited Edition Tattoo Studios Ltd, we will take your name, contact telephone number, and email address, and a deposit if one is required.
On the day of your appointment, we will need to collect additional information such as medical history, home address, date of birth and any additional information that pertains to your procedure. We may also require a copy of your photo identification in order to verify your age and identity.
All information is retained for a period of 3 years from the conclusion of any and all appointments, after which it will be securely destroyed. You do have the right to see any information we keep and you can request that any data be changed or securely destroyed at any point.
We do not use the information for anything other than to contact you regarding your appointment or follow up aftercare advice.
We will not pass your personal information to any third party.
Please also be advised that when you visit our website(s), cookies will be used to collect information
about you such as your Internet Protocol (IP) address which connects your computer or mobile device to the Internet, and information about your visit such as the pages you viewed or searched for, pages response times, download errors etc. We do this so that we can measure our website’s performance and make improvements in the future. You can control this by adjusting your cookies settings.
How will we use the information?
In general terms, we would need to collect information about you so that we can:
• Provide our services and respond to enquiries
• Deliver requested information to you about our additional services
• Process and respond to any complaints
The information that we need for these purposes is known as your “personal data”. This includes your
name, home address, email address, telephone and other contact details.
We collect this in a number of different ways. For example, you may provide this data to us directly
online or over the telephone, or in person.
Under the terms of data protection legislation, you have the following rights as a result of using our
service and our website (subject to confidentiality, as mentioned above):
(a) Right to be informed
This privacy notice fulfils our obligation to tell you about the ways in which we use your information as a result of you using our services.
(b) Right to access
You have the right to ask us for a copy of any personal data that we hold about you. This is known as a “Subject Access Request”. Except in exceptional circumstances (which we would discuss and agree with you in advance), you can obtain this information at no cost after 25th May 2018. We will send you a copy of the information within 30 days of your request.
To make Subject Access Request, please email or write to our Data Protection Officer, Beth Cust Firth, at the details set out above.
(c) Right to rectification
If any of the information that we hold about you is inaccurate, you can contact our Data Protection
Officer in writing, via letter or email. Before we can do this, it may be necessary for us to investigate this with you and obtain proof of your identity.
(d) Right to be forgotten
From 25 May 2018, you can ask that we erase all personal information that we hold about you. Where it is appropriate that we comply, your request will be fully actioned within 30 days. Please note that there may be very good reasons why we cannot comply, for instance where we need to hold your file of papers electronically after conclusion of your matter for a statutory period e.g. limitation period. For further information please contact our Data Protection Officer, who will be able to help you and advise you on your case.
You have the right to object to:
• The continued use of your data for any purpose listed above for which consent is identified as
the lawful basis for processing i.e. you have the right to withdraw your consent at any time.
• The continued use of your data for any purpose listed above for which the lawful basis of
processing is that it has been deemed legitimate.
(e) Right to restrict processing
If you wish us to restrict the use of your data because (i) you think it is inaccurate but this will take time to validate, (ii) you believe our data processing is unlawful but you do not want your data erased, (iii) you want us to retain your data in order to perform subsequent tasks, or (iv) you wish to object to the processing of your data, but we have yet to determine whether this is appropriate, please contact our Data Protection Officer.
(f) Right to data portability
If you would like to move, copy or transfer the electronic personal data that we hold about you to
another organisation, please contact our Data Protection Officer.
(g) Rights related to automated decision-making
If you would like to object to automated decision making without any individual involvement, and to the profiling of your data, please contact our Data Protection Officer.
Is the processing of information likely to cause individuals to object or complain?
Limited Edition Tattoo Studios Ltd are not aware of any justifiable reasons that would constitute a legitimate reason for objecting or complaining about the way we process or control information.
How long will we retain information for?
Limited Edition Tattoo Studios Ltd will typically retain information for a period of 3 years from the completion of any and all appointments. This is due to regulatory reasons and limitation periods in
respect of any future claims or complaints and to ensure our business records are adequate to maintain the requisite levels of insurance to protect our clients and non-clients.
None of the information that we collect process or store as a result of our services is transferred outside of the European Union (EU).
Data privacy and security
At Limited Edition Tattoo Studios Ltd, we maintain a comprehensive data management work programme, which includes processes for ensuring that data protection is a key consideration of all new and existing customers. Where any concerns, risks or issues are identified, we conduct relevant impact assessments in order to determine any actions that are necessary to ensure optimum privacy.
We also maintain an active information security work programme which seeks to protect the availability, confidentiality and integrity of all physical and information assets.