Privacy Policy (Datenschutzerklärung)
As of: June 20, 2024
Article 1: Our Commitment to Your Privacy
Skinceptional e.U. is deeply committed to protecting the privacy and security of our clients' personal data. This Privacy Policy provides detailed information on how we collect, process, use, and protect your personal information in compliance with the EU General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (Datenschutzgesetz - DSG). Our aim is to be transparent about our data practices and to empower you with control over your personal information.
Article 2: Data Controller The entity responsible for the collection and processing of your personal data (the "Data Controller") is:
● Company Name: Skinceptional e.U.
● Company Registration Number: FN 600137 f
● Address: Köstlergasse 9/15, 1060, Vienna, Österreich
● Contact Email: Contact@skinceptional.at
● Contact Phone: +436608400509
For any questions regarding this policy or your data protection rights, please contact us using the details provided above.
Article 3: Personal Data We Collect and Process
We collect personal data necessary to provide you with our high-quality beauty services in a safe and personalized manner.
● General Client Data: When you schedule an appointment, we collect your name and contact details (email address, phone number).
● Sensitive Health-Related Data: Your safety is paramount. Therefore, we collect specific health data under the following circumstances:
○ For every new client, we conduct a consultation that includes a set of questions regarding potential allergies or skin conditions to ensure the safety of our standard treatments.
○ For clients who choose to undergo a Permanent Makeup (PMU) procedure, we require the completion of a detailed questionnaire. The procedure is performed only after the client acknowledges the conditions, understands the aftercare requirements, and provides explicit written consent by signing a dedicated form.
Article 4: Legal Basis and Purpose of Data Processing We process your data based on the following legal grounds as defined by GDPR:
● Performance of a Contract (Art. 6(1)(b) GDPR): We process your general client data (name, contact details) to schedule your appointments, provide the services you have requested, and manage our client relationship.
● Explicit Consent (Art. 9(2)(a) GDPR): The collection and processing of sensitive health-related data (such as allergies and information for PMU procedures) are based solely on your explicit, informed, and freely given consent, which you provide in writing before the treatment.
● Consent for Marketing (Art. 6(1)(a) GDPR): We will only send you marketing communications, such as newsletters, if you have actively consented to receive them.
Article 5: Data Security and Storage We take the security of your data very seriously.
● Storage Method: All client data, including consent forms and health questionnaires, is currently stored in a physical format.
● Security Measures: These physical files are kept in a secure, non-public location accessible only to authorized salon personnel. This measure protects your data from unauthorized access, alteration, or disclosure.
Article 6: Data Retention
We do not store your personal data indefinitely. We retain the personal data of inactive clients for a period of one year. After this period, or if the data is no longer necessary for the purpose it was collected for, it will be securely and permanently disposed of.
Article 7: Disclosure to Third Parties
We do not sell, trade, or rent your personal data to others. Your information will only be disclosed to third parties if necessary for the performance of our services (e.g., to a payment processor to handle an invoice for a late cancellation) or if we are required to do so by law. Any third-party service provider we may use is also required to comply with GDPR standards.
Article 8: Marketing Communications
We plan to offer newsletters to keep you informed about our services and special promotions. We will only send these to you if you have opted in. You can provide your consent to receive newsletters via email or WhatsApp. You have the right to withdraw this consent at any time, without providing a reason, by contacting us through the same channels.
Article 9: Your Data Protection Rights (GDPR)
As a data subject under GDPR, you have the following rights concerning your personal data:
● The Right to Access: You have the right to request a copy of the personal information we hold about you.
● The Right to Rectification: You have the right to request the correction of any inaccurate or incomplete personal data.
● The Right to Erasure ('Right to be Forgotten'): You have the right to request the deletion of your personal data where there is no compelling reason for its continued processing.
● The Right to Restrict Processing: You have the right to request a suspension of the processing of your personal data, for example, if you contest its accuracy.
● The Right to Data Portability: You have the right to request that we provide your personal data in a structured, commonly used, and machine-readable format.
● The Right to Object: You have the right to object to the processing of your personal data, particularly for direct marketing purposes. To exercise any of these rights, please contact us at Contact@skinceptional.at.
Article 10: Right to Lodge a Complaint
If you believe that our processing of your personal data infringes on data protection laws, you have the legal right to lodge a complaint with a supervisory authority.
The competent authority in Austria is: Österreichische Datenschutzbehörde Barichgasse 40-42 1030 Vienna Email: dsb@dsb.gv.at
Article 11: Website Cookies
Our website, skinceptional.at, is designed to provide you with information about our salon and services. The website may use tracking or analytical cookies such as Google Analytics or Facebook Pixel. Any cookies that may be in use are strictly necessary for the technical functionality and security of the website.
Article 12: Updates to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The latest version will always be available on our website.