Privacy & Cookies Policy
- Services are solely managed by Flossie.com Ltd and UK subsidiary Powered by Flossie.com Ltd.
- Flossie.com Ltd registered address is 96 St Georges Bay Road, Auckland 1052, New Zealand, registration number 3409935.
- Powered by Flossie.com Limited, registration number BR021714 of Herschel House, 58 Herschel Street, Slough SL11PG.
- Flossie.com Ltd and Powered by Flossie Ltd are the joint Data Controller and Processor throughout these Terms and Conditions
- Powered by Flossie.com Ltd and Flossie.com Ltd are both referred to as ‘Flossie’ for the purpose of ensuring our responsibilities are clear to you.
What does Flossie do?
Flossie provides software that helps hair and beauty businesses retail their appointments and products smarter online. Customers can instant book and choose to pay for an appointment upfront. Appointments can be made via the Services and through Powered by Flossie Salon branded websites and apps.
Flossie Services are not intended for or directed at children under the age of 13 years. As such, it is designed for adult user interaction. We do not intentionally collect personally identifiable information from children under the age of 13.
What we’ve covered in this Policy
- How we use your personal information
- Security of your personal information
- Processing and retaining your information
- International transfers of your personal information outside the EU
- Buy Now, Pay Later Transactions (Oxipay)
- Exercising your rights
- Updates to this policy
- Contact Us
We’ve done our best to make this as clear as possible for you, and not include legal terms, unless absolutely necessary.
HOW WE USE YOUR PERSONAL INFORMATION
- Flossie uses your information for the purpose of completing a hair or beauty appointment.
- This includes sharing your personal information to Salon’s in order for them to fulfill their duty in the service which you have booked and expect to be delivered.
- When you create an account, you have the option to submit permission to be contacted with marketing communication by either Flossie or a Salon partner. You are informed upfront if you are giving consent to be contacted directly by Flossie or a Salon partner. You can unsubscribe from this at any given time by clicking the unsubscribe link from the email or turning off your notifications from your Phone settings.
- Flossie uses information like cookies to improve your experience on Services; provide us with analytics information that help us improve our Services generally; and to collect information about hair and beauty categories and services of general interest to you so that you may only see content that are relevant to what you are interested in.
Personal information Flossie collects from you and why
1. What you provide directly to us
In order to make a booking you need to create an account and we collect your First Name, Surname, Email Address, Phone Number, City and Country. You also provide your billing information (credit card number, cardholder name and expiry date) to make an upfront payment at the time of booking the appointment.
We use these details to:
- Enable and process your hair and/or beauty appointment.
- Register an account with us.
- Provide you with a tax receipt and information about your upcoming booking.
- Give you the option to store (via a secure encrypted server) your credit card details for ease to quickly make a future booking (this can only be done with the authorisation provided by you at payment).
- Invite you to leave a review of your booking experience and service after your appointment.
- Subscribe you to receive marketing communications.
- Submit enquiries and/or start live chats.
- Provide to the Salon should they need to contact you about your upcoming appointment.
- Fraud prevention and detection. To prevent and detect fraud against either you or us and our Salon’s - unfortunate but very critical.
From your account, you can at any time change and update your personal information.
You may provide us at your choice any health concerns or pregnancy to disclose to the Salon prior to the booking. We do try to limit the circumstances under which we may collect sensitive personal information.
If you plan to submit someone else’s personal information to us, for instance when making a booking on their behalf, you should only provide us with that third parties details with their consent and after they have been given information about how we will use their personal information outlined in this Policy.
It’s important that all the information you provide us when you create an account is correct and accurate. This covers ensuring that we have the correct name and contact details for you at all times.
We will not collect any personally identifiable information about you e.g. your name or email address, through the Services unless you have provided it to us voluntarily. If you do not want your personal data collected, please do not submit it to us.
2. What Flossie collects automatically
When you visit and engage with Services on the web we collect information such as the device, unique device ID number, browser type, IP address and location, the date and time that you visited, the duration of your visit, referral source and navigation paths of your visit across our Services including pages viewed and links clicked (for example hair category viewed and the time and date when viewed).
When you use Services on app we also collect information regarding what screens are viewed and links clicked. If you have your location feature turned on we use information to only show localised content that’s relevant to you and you can switch this off at any time from your phone settings.
We may associate this information back to your account profile. Collecting this information enables us to better understand who comes to Flossie Services, where they come from and what is of interest to them. We use this information for internal analytical purposes and to improve the quality and relevance of Flossie Services. We also use this information to protect and prevent online fraud.
See our Cookies Policy further below for more information outlining our intent and purpose.
3. What Flossie collects from 3rd parties
Salon’s: Flossie may lawfully obtain personal information from Salon’s including updated contact information, like email or phone number that we need to add to our account information we have about you.
Online Chat: Flossie collects information about you when you engage with us in live chat. This is for the purpose to provide you with a better online booking experience (for example resolving any requests for a refund).
4. Cookies and related tracking technology
5. Other instances when you provide information directly to Flossie
Salon’s: If you’re an employee of a Salon in which we work with then we may also collect from you employee names, photos and other relevant details that are used for the sole purpose of promoting the business across our relevant Services.
Job applications: You may share personal information as part of a job application submitted via a recruitment agent, third-party recruitment platform or online community group or directly to us through our website, social media platforms or live chat. You may share sensitive personal data with us relating to whether reasonable adjustments ought to be made for you in the application process or subsequently if an employment relationship is established.
SECURITY OF YOUR PERSONAL INFORMATION
The security of your personal information is important to Flossie. We want you to feel confident about using Flossie Services to make bookings and we are committed to protecting the personal information we collect.
Flossie has implemented appropriate technical and organisational measures to protect the personal information that we collect and process about you. For example, we use encryption when transmitting your sensitive personal information between your system and ours and then to the Salon, and we employ firewalls to help prevent unauthorised persons from gaining access to your information. Hardware is locked every evening in secured lockers and all databases are managed with secure logins and passwords. In addition, only authorised employees are permitted to access personal information, and they may only do so for permitted business functions.
No method of transmission over the Web, or method of electronic storage, can be 100% secure. Therefore, we cannot guarantee the absolute security of your information.
The Internet by its nature is a public forum, and we encourage you to use caution when disclosing information online. Often, you are in the best situation to protect yourself online. You are responsible for protecting your username and password from third party access, and for selecting passwords that are secure.
If you have any questions about Flossie’s security please write to us at email@example.com
PROCESSING AND RETAINING YOUR INFORMATION
Flossie retains your personal information for as long as required to fulfil the activities (for example enabling and processing your hair and/or beauty appointment) we’ve set out in this Policy, otherwise communicated to you or for as long as is permitted by applicable law.
- When you correspond with us via live chat across Flossie Services we only retain this data for up to 60 days after the end of the session.
- If you apply for a role with us Flossie only retains your information for up to one year from the submission date.
INTERNATIONAL TRANSFERS OF YOUR INFORMATION OUTSIDE THE EU
Powered by Flossie operates globally and adheres to the local laws data is processed in. The personal information we collect from you may be transferred, processed and stored at a destination outside of the European Economic Area (EEA), that being, New Zealand. If we disclose personal data to a third party in another country, Powered by Flossie puts safeguards in place to ensure that personal data remains protected.
When personal information is transferred outside the EEA, it is only transferred to New Zealand, a country that the EEA has deemed to provide adequate data protection.
If you are a resident of the European Economic Area, you have the following data protection rights:
- If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by writing to us
- If you request access to your personal data we will confirm whether we hold your information and provide you with a copy, explaining how we process it and why, how long we store it for and your rights associated with it.
- If you request deletion of your personal information, we will erase it. Please do note that we will need to retain any information that we require to fulfil our legal obligations or to establish, exercise or defend a legal (for example fraudulent) claim.
- You can object to the processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information.
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the ‘unsubscribe’ link in the marketing emails we send you.
- If we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the European Economic Area, Switzerland and certain non-European countries (including the US and Canada) are available here
You have the right to stop us from contacting you for marketing purposes by either ‘unsubscribing’ from email or turning off your notifications from your mobile phone settings.
If you do decide to opt-in again to receive marketing communications from us you can write to us at firstname.lastname@example.org
BUY NOW PAY LATER TRANSACTIONS
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computers hard drive. We use the following cookies:
Strictly necessary cookies: These are cookies that are required for the operation of Flossie web Services. For example, cookies that enable you to log into a secure account, book and pay upfront for an appointment.
Analytical and performance cookies: They allow us to recognise and count the number of visitors and to see how visitors move around Flossie web Services when they are using it. This helps us to improve the way Flossie web Services work, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies: These are used to recognise you when you return to Flossie web Services. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your city and country).
Targeting cookies: These cookies record your visit to Flossie web Services, the pages you have visited and the links you have followed. We will use this information to make Flossie web Services and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
Third parties (for example Facebook, Instagram, Twitter) do collect and use data from cookies placed on Flossie Services. We don’t describe their privacy or security policies in this Policy. We recommend that you read their policies and if you prefer to not have your data reported by these parties that you follow their opt-out process. We’ve linked to these further down in this section.
Individual cookies Flossie uses and the purpose for which we use them:
- Facebook Analytics: used to personalise and optimise ads shown to you on Facebook and Instagram. You can opt-out of Facebook Analytics Privacy Settings here.
- Facebook Retargeting: used to create custom audiences for ads personalisation on Facebook and Instagram. You can opt-out of Facebook Retargeting Privacy Settings here.
You can find more information about how to manage cookies for all the commonly used internet browsers by visiting www.allaboutcookies.org. This website will also explain how you can delete cookies which are already stored on your device.
The important thing to remember is that some cookies do track your use of Flossie Services but cannot be used to identify you personally or tell us who you are.
EXERCISING YOUR RIGHTS
You can access and update your personal information at any time from your account in the Flossie web and app Services. You can deactivate your account and request to have your data deleted at any time either by contacting us at email@example.com or via our chat service. After you deactivate your account you will no longer be able to access your personal information. You can create a new account at any given time.
CHANGES TO THIS POLICY AND HOW TO CONTACT FLOSSIE
Updates to this Policy will be made when required by legal, technical and business developments. When we update this Policy, we will take appropriate measures to update you consistently with the significance of the changes we make. We will obtain your consent to any material Policy changes if and where required by applicable data protection laws.
You can see when this Policy was last updated by checking the ‘last updated date displayed in the header of this Policy.
Should you wish to report a complaint or if you feel that we have not addressed your concern in a satisfactory manner, you may write to us at firstname.lastname@example.org