What is GDPR?

You may have heard about the GDPR, but you may not be entirely sure how it will affect your relationship with The Beauty School. So, here’s a quick run through of what it all means for you as a customer of ours.

What is the GDPR?

The EU is introducing a regulation – the General Data Protection Regulation (GDPR) – to strengthen data protection for all within the European Union. GDPR is good news for you. It makes it easier for you to access your personal information and control how it is used.
When is it coming?

May 25th, 2018
Why do we collect and use this information in the first place?

There are several reasons why we collect and use this information. We have outlined some of these reasons below but if you would like to find out more, please refer to our Data Protection Notice/Policy.

  • To help administer our products and services
  • To ensure we provide the best possible service
  • To prevent unauthorised access to your information
  • To meet our regulatory and legal obligations
  • To make business decisions which may impact you


Speaking of which, what is a Data Protection Notice?

A Data Protection Notice is a document that every organisation who processes personal information must produce and make available. It gives detailed, but simple, explanations of how your information is managed.

What are some of the key changes I will see as a customer?

The GDPR will give you greater control over your personal information by setting our additional and more clearly defined privacy rights, which you can exercise.
Rights for customers under the GDPR include:

  • The right to access personal information an organisation holds on you
  • The right to have inaccuracies corrected
  • The right to have information erased
  • The right to object, including in relation to direct marketing
  • To restrict processing
  • The right to have your personal information sent directly to yourself or another organisation
  • Rights in relation to automated decision making and profiling.

(You can find out about your privacy rights and how you can control the personal information we hold about you in our Data Protection Notice)

Do we share your personal information?

We sometimes need to share your personal information with trusted third parties who perform special functions for us. For example, we use third parties to help us address fraud, security or technical issues. We are also required to cooperate by law or otherwise through a legal process with Irish, EU regulatory or enforcement bodies.

How secure and confidential is your personal information?

We use a variety of security technologies and procedures to help protect your personal information from unauthorised access, use or disclosure. The security of your personal information is exceptionally important to us and we put a huge effort into protecting it. Our Data Protection Notice outlines how we do this in more detail.
For how long do we retain your personal information?

This depends on the nature of the information we hold and the purposes for which it is processed. Sometimes that are statutory obligations (imposed by law). For example, we must retain some customer information for 6 years after the end of the customer relationship under the Consumer Protection Code.
Where do I get more information?

You can request a copy of our Data Protection Notice

Check out www.dataprotection.ie

While care has been taken in the preparation of this communication, you should be aware that it has been designed to give a general overview and its content is not intended to be comprehensive. Specific information is contained in our Data Protection Notice, which we recommend you take the time to review.