top of page

Privacy Policy

Last updated: May 2026

Introduction

 

LACUNA RO HAIR LIMITED ("we", "our", "us") respects your privacy and is committed to protecting your personal data.

​

This Privacy Policy explains how we collect, use, store, share and protect your personal information when you:

  • visit our website

  • contact us

  • create an account

  • book appointments

  • purchase products

  • subscribe to marketing communications

  • visit our salon

  • interact with us online or through social media

​

This policy is intended to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

​

Please read this Privacy Policy together with any additional notices we may provide when collecting or processing personal data for specific services or promotions.

​

1. Who We Are

Business Name: LACUNA RO HAIR LIMITED
Registered Address: 22 Sir Isaacs Walk, Colchester, Essex CO1 1JJ

Email: hello@lacunaro.co.uk
Phone: 01206 520026

Website: https://lacunahair.co.uk

LACUNA RO HAIR LIMITED is the data controller responsible for your personal data.

​

2. The Data We Collect About You

Personal data means any information capable of identifying an individual.

We may collect, use, store and process the following categories of personal data:​​​​​​

This may include:

  • first name

  • last name

  • title

  • date of birth

  • account username

  • photographs or video imagery where consent has been provided

Identity Data
Contact Data

This may include:

  • email address

  • telephone number

  • billing address

  • delivery address

​​

Contact Data

This may include:

  • email address

  • telephone number

  • billing address

  • delivery address

​​

This may include:

  • appointment history

  • products purchased

  • payment details

  • booking records

​

​

​

​

Transaction  Data

This may include:

  • IP address

  • browser type and version

  • device information

  • time zone settings

  • website interaction data

  • cookie identifiers

Technical Data

This may include:

  • login details

  • booking preferences

  • purchase history

  • reviews

  • survey responses

  • marketing preferences

Profile Data

Where relevant to salon services, we may collect:

  • patch testing information

  • ColourStart verification information

  • allergy or sensitivity information

  • consultation notes relevant to your service

We only collect health-related information where reasonably necessary to provide services safely.

Consultation & Allergy Data

This may include information about how you use:

  • our website

  • booking systems

  • online shop

  • marketing emails

  • salon services

Usage Data

This includes:

  • your communication preferences

  • newsletter subscriptions

  • marketing opt-ins and opt-outs

We may also use anonymised or aggregated data for analytics, reporting, service improvements and business insights. This information does not directly identify individuals.

Marketing & Communications Data

​​​​3. How Your Personal Data Is Collected

We collect personal data through:

You may provide personal information when you:

  • book appointments

  • complete consultation forms

  • create an online account

  • purchase products

  • subscribe to newsletters

  • contact us

  • leave reviews or feedback

  • participate in promotions or surveys

Direct Interactions

As you interact with our website, we may automatically collect Technical and Usage Data using:

  • cookies

  • analytics tools

  • server logs

  • similar technologies

Please see our Cookie Policy for more information.

Automated Technologies

We may receive personal data from trusted third party providers including:

  • Wix

  • Wix Bookings

  • Stripe

  • ColourStart

  • Google Analytics

  • Omnisend

  • Usercentrics

Third Parties

4. How We Use Your Personal Data

We will only use your personal data where legally permitted.

Most commonly, we use your information to:

  • provide salon services

  • manage appointments and bookings

  • process payments and orders

  • communicate regarding appointments or enquiries

  • provide consultation and patch testing procedures

  • improve our services and customer experience

  • manage online accounts

  • send marketing communications where consent has been provided

  • administer our website and business operations

  • comply with legal, regulatory and insurance obligations

  • protect our business against fraud or misuse
     

5. Lawful Bases For Processing

Under UK GDPR, we rely on the following lawful bases for processing personal data:

We collect personal data through:

Where processing is necessary to provide services, fulfil bookings, process orders or manage customer relationships.

Performance Of A Contract

Where processing is reasonably necessary for:

  • operating and improving our business

  • understanding customer behaviour

  • improving website performance

  • service administration

  • business security

  • fraud prevention

  • record keeping

We carefully balance our legitimate interests against your rights and freedoms.

Legitimate Interests

Consent

We rely on consent for:

  • marketing communications

  • promotional emails

  • optional photography and video usage

  • certain cookie technologies

You may withdraw consent at any time.

Legal Obligations

​

Where processing is necessary to comply with:

  • tax obligations

  • consumer protection laws

  • health and safety obligations

  • insurance requirements

  • regulatory obligations

​

6. Marketing Communications

If you opt into marketing, we may send:

  • newsletters

  • promotions and offers

  • salon updates

  • product recommendations

  • launch announcements

​

Marketing communications may be managed through:

  • Omnisend

  • Wix Marketing

You may unsubscribe at any time by:

  • clicking the unsubscribe link in marketing emails

  • contacting us directly

​

Please note it may take a short period for marketing preferences to fully update across all systems.

​

7. Bookings, Website Hosting & Third Party Providers

Our website, online booking systems and customer account features are hosted through Wix.

Personal information submitted through our website may be securely stored and processed through Wix servers and associated infrastructure providers. We do not directly host or maintain our own physical servers for customer website or booking data.

We use trusted third party providers to support our business operations, including:

  • Wix

  • Wix Bookings

  • Stripe

  • ColourStart

  • Omnisend

  • Google Analytics

  • Usercentrics

​

These providers may process personal data on our behalf and may store or process information outside the United Kingdom where legally appropriate safeguards are in place.

We require third party providers to process personal data securely and in accordance with applicable data protection laws.

​

8. International Transfers

Some of our third party providers may process personal information outside the United Kingdom.

Where personal data is transferred internationally, we take reasonable steps to ensure appropriate safeguards are in place to protect your information in accordance with UK GDPR requirements.

These safeguards may include:

  • adequacy regulations

  • approved contractual clauses

  • secure data processing agreements

​

9. Payments

Online payments are securely processed through Stripe.

In salon card payments are processed through Dojo payment terminals and authorised payment processing providers.

We do not store full payment card information on our own systems.

Payment providers process payment information securely in accordance with their own privacy and security policies.

 

10. Cookies & Analytics

We use cookies and similar technologies to:

  • improve website functionality

  • analyse website traffic and performance

  • remember user preferences

  • support website security

  • improve marketing performance

​

We use:

  • Google Analytics

  • Usercentrics

​

For more information about cookies and consent management, please see our separate Cookie Policy.

​

11. Third Party Links

Our website may contain links to third party websites, booking systems, social media platforms or external services.

We are not responsible for the privacy practices, security or content of third party websites. We encourage you to review their privacy policies before providing personal information.

​

12. Reviews, Testimonials & Media Content

With permission, we may use:

  • reviews

  • testimonials

  • photographs

  • videos

  • before and after imagery

​

for:

  • social media

  • website content

  • marketing campaigns

  • promotional materials

​

You may request removal of your content at any time by contacting us.

​

13. Children’s Privacy

We do not knowingly collect personal information directly from children without appropriate consent.

Bookings for clients under the age of 16 must be made by a parent or legal guardian.

Clients aged 16 or 17 may book appointments with parental or guardian permission where appropriate.

​

14. If You Fail To Provide Personal Data

Where we are required by law, safety requirements or contractual obligations to collect personal information and you do not provide the requested data, we may not be able to:

  • provide services

  • complete bookings

  • process orders

  • carry out consultations safely

​

In some cases, this may result in appointments or services being refused or cancelled.

​

15. Data Retention

We retain personal data only for as long as reasonably necessary for:

  • salon operations

  • client records

  • legal obligations

  • accounting requirements

  • insurance purposes

  • health and safety compliance

  • dispute resolution

​

Marketing information is retained until consent is withdrawn or you unsubscribe.

Inactive client records may be securely archived or anonymised where appropriate.

In certain circumstances, we may anonymise personal data for analytical or statistical purposes. Once anonymised, the information can no longer be associated with an identifiable individual.

​

16. Data Security

We take appropriate technical and organisational measures to protect personal data against:

  • accidental loss

  • unauthorised access

  • misuse

  • disclosure

  • alteration

​

We work with trusted third party platforms that help securely process and store customer information, including website hosting, bookings, payments and marketing systems.

Access to personal data is limited to authorised individuals and service providers who require access for legitimate business purposes.

Where legally required, we will notify affected individuals and relevant regulators of qualifying data breaches.

However, no online transmission or storage system can be guaranteed to be completely secure.

​

17. Change Of Purpose

We will only use personal data for the purposes for which it was originally collected unless we reasonably believe another use is compatible with the original purpose.

If we need to use personal data for a materially different purpose, we will update this Privacy Policy and provide notice where legally required.

​

18. Your Legal Rights

Under UK GDPR, you have rights including:

  • the right to access your personal data

  • the right to correct inaccurate information

  • the right to request deletion

  • the right to restrict processing

  • the right to object to processing

  • the right to data portability

  • the right to withdraw consent

  • the right to complain to the Information Commissioner’s Office (ICO)

​

ICO Website: https://ico.org.uk

​

We may request proof of identity before processing certain requests.

We aim to respond to legitimate requests within one month where legally required.

​

To exercise your rights, contact:
hello@lacunaro.co.uk

​

19. Changes To This Privacy Policy

We may update this Privacy Policy periodically to reflect:

  • legal changes

  • operational updates

  • new technologies

  • new services

​

The latest version will always be published on our website.

​

20. Contact Us

If you have any questions regarding this Privacy Policy or how we handle your personal data, please contact:

LACUNA RO HAIR LIMITED
22 Sir Isaacs Walk
Colchester
Essex CO1 1JJ

Email: hello@lacunaro.co.uk
Phone: 01206 520026

bottom of page