Privacy Policy

Last updated: 13 November 2025

This Privacy Policy explains how Luxe Laser Lounge & Boutique (“we”, “us”, “our”) collects, uses, stores and protects your personal information. We are committed to handling data fairly, lawfully and transparently, in accordance with the UK GDPR and Data Protection Act 2018.

1. Who We Are

Data Controller: Luxe Laser Lounge & Boutique

Address: Suite 9, 8 Eaton Ford Green, Eaton Ford, St Neots PE19 7AF, United Kingdom

Telephone: 07566 741487 | Contact Form

2. Information We Collect

• Personal details: your name, email address, phone number, and enquiry details submitted through forms or bookings.
• Appointment and treatment data: booking details, patch‑test results, and information needed to provide safe and appropriate treatments (which may include limited health data).
• Usage data: IP address, browser type, pages visited and similar analytics information collected via cookies (see Cookies).

3. How We Use Your Data

• To process and manage your bookings or enquiries.
• To provide hair‑removal and waxing services safely and effectively.
• To communicate regarding appointments, updates or changes.
• To respond to messages and feedback.
• With consent, to send marketing updates or promotional offers.
• To improve our website, services and client experience.
• To meet legal, tax and insurance obligations.

4. Lawful Bases for Processing

• Contract: processing necessary to deliver or manage your booking/treatment.
• Consent: for marketing, cookies or processing health information. You may withdraw consent at any time.
• Legitimate Interests: conducting and improving business operations while balancing your rights.
• Legal Obligation: record‑keeping and compliance with UK regulations/insurance requirements.

5. Special Category (Health) Data

Some treatments require health or skin information. We collect this only where relevant and process it with your explicit consent to ensure treatment safety, or where necessary under professional, insurance or legal obligations.

6. Sharing Your Data

• Service providers: website host, booking platform, email and analytics tools.
• Payment processors: for any online or in‑person transactions.
• Professional advisers & insurers: for compliance and legal protection.
• Legal authorities: where required by law or lawful request.

7. Data Retention

• Enquiries – up to 24 months after last contact.
• Client/treatment records – typically 7 years after final appointment (or longer if legally required).
• Marketing preferences – until you withdraw consent.
• Cookie/analytics data – per provider retention periods.

8. Data Security

We maintain appropriate technical and organisational measures to protect data. However, online transmission can never be guaranteed 100% secure.

9. Your Rights

You have the right to:

• Access, correct or delete your data.
• Restrict or object to data processing in certain circumstances.
• Withdraw consent where applicable.
• Request data portability.
• Lodge a complaint with the UK Information Commissioner’s Office (ico.org.uk/make‑a‑complaint).

To exercise rights, contact us using details in Section 1. We may need to verify your identity.

10. Cookies and Tracking

We use essential cookies for core site functions and, with consent, analytics cookies to measure site usage. You can manage preferences anytime via the on‑site cookie banner at the bottom left of any page or your browser.

• Essential: wp‑settings‑*, wp‑settings‑time‑*, mhcookie – necessary for website performance.
• Analytics: _ga and _ga_* (Google Analytics) – usage statistics and performance insights.

11. Children

Our services and website are not targeted at anyone under 16. Parental consent is required for any non‑essential cookies or minors’ treatments.

12. Social Media & Third Parties

Our site links to Facebook and Instagram. Data shared on these platforms is governed by their own privacy policies. We are not responsible for external website practices.

13. International Transfers

Where data is transferred outside the UK (for example, for cloud hosting), we rely on approved safeguards such as UK International Data Transfer Agreements or adequacy decisions to protect your information.

14. Updates to This Policy

We may revise this policy periodically. The latest version will always be available on our website and will show the “Last updated” date.

15. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact: