Privacy Policy

Pattern Pattern

Information about our use of cookies

This Cookie Policy should be read in conjunction with our Privacy Policy below.

What are cookies?

Cookies are small data files that are placed on the browser on your computer or mobile device when you visit a website and use its functions, or use an app. Cookies are widely used by online service providers to facilitate and help to make the interaction with users faster and easier (by helping us to distinguish between you and other users and enabling us to retrieve things like your settings and preferences), as well as to provide reporting information and facilitate online advertising.

Cookies set by Phorest on this Website are called “first party cookies”. Cookies on the Website set by parties other than Phorest are called “third party cookies”. Third party cookies enable third party features or functionality to be provided on or through the website (e.g. interactive content and analytics).

Why do we use cookies

We use first party and/or third party cookies on our Website for various purposes such as:

  • to improve your experience of our website/s and make navigating them quicker and easier
  • to allow us to create a bespoke user experience for you and for us to understand what is useful or of interest to you
  • to analyse how our website is used and how best we can customise them
  • to know that you have seen important information so we don’t show it to you again if it’s your preference

We use the following types of cookies:

Required cookies are essential for you to browse the website and use its features. These cookies help us to know if you have already seen content that we don’t want to show you anymore and to keep some of your preferences for further visits (e.g. the cookies banner) without storing any personal information from you.

Preferences cookies, also known as functionality cookies, allow a website to remember choices you have made in the past or what content you have signed up to see so you don’t have to give us your details again.

Statistics cookies, also known as performance cookies, collect information about how you use a website, like which pages you visited and which links you clicked on. None of this information can be used to identify you. It is all aggregated and, therefore, anonymized. Their sole purpose is to improve website functions.

Please note that third parties may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

Updates to this Cookies Policy

We may update this Cookie Policy from time to time in order to reflect, for example, changes to the cookies we use or for other operational, legal or regulatory reasons. Please therefore re-visit this Cookie Policy regularly to stay informed about our use of cookies and related technologies.

If you need further information

If you have any questions about our use of cookies, please email us at gdprdpo@phorest.com.

Phorest Privacy Notice 

Introduction 

The following privacy notice outlines how nDevor Systems Ltd T/A Phorest (‘we’ or ‘us’ or ‘our’) gathers, processes, and protects your personal data. Phorest is a software company that provides services including provision of software to salons and other businesses to manage their business, online booking services and SMS delivery. 

The data protection officer for the organisation is Garrett Ahern. All GDPR / data protection information requests / enquiries must be communicated to Phorest as follows: contact Phorest’s Data Protection Officer either by sending an email to gdprdpo@phorest.com or in writing to Data Protection Officer, Phorest, 9 Anglesea Row, Dublin 7, Ireland. Information requests / enquiries being made on behalf of a third party are not accepted by email and must be communicated solely in writing, on headed paper. 

Personal data collected 

The personal data that we collect is: 

  • Name
  • Address 
  • Email Address 
  • Date of Birth 
  • Phone number 
  • Identification documentation 
  • Consultation forms 
  • Health information 
  • Appointment data & associated notes 
  • Tax & banking details, where appropriate (to bill customers, set up Direct Debits) 
  • Payment card details 
  • Marketing preferences 
  • CCTV images (of Phorest’s premises & vicinity) 

Purpose and Legal Basis for Processing Your Data 

Phorest takes your privacy seriously and we will never sell or rent your personal data to any third-party. Sharing of your data and direct marketing activities are only carried out with your express consent, which you are free to withdraw at any time. We need to obtain and process your personal data to provide you with our products and services, to assist our business clients with the running of their operation, and to fulfil our business and legal obligations. We will never collect any personal information from you that we do not need or retain any data that is no longer necessary for the purposes specified in this notice. 

Where we request sensitive personal data from you (i.e. health or medical data), the reason(s) for the request will be clearly given along with the purposes of the processing. Explicit consent through a signature will always be required for us to obtain and process your health information. 

Your personal data is collected and processed for the following reasons: 

  • In the performance of a contract for our business clients to sell products or services (name, address, email, contact number, DOB). 
  • Through legitimate interest to engage in communication with you including confirmation and reminders of appointments, and requests to cancel or change bookings. 
  • Health information is collected for our business clients to perform the agreed services appropriately, to potentially highlight areas that products and services may cause issues to clients because of their health and provide industry standard advice. 
  • As part of our legal obligation for business accounting, tax and insurance purposes. 
  • As required by law or to respond to legal process. 
  • Select relevant offers, promotions and information for you. 

Who is processing my data? 

Phorest, 9 Anglesea Row, Smithfield, Dublin, D07 W5NE, Ireland are the data controller and processes your personal information for the purposes laid out in this privacy notice. Phorest, 9 Anglesea Row, Dublin, D07 W5NE, Ireland, acts as data processor on behalf of client businesses and have access to personal information only in cases that customer support or troubleshooting is required by clients. Further, they must process the personal information in accordance with this Privacy Notice and as permitted by applicable data protection laws.

 Your rights as the individual 

If your personal data is held by Phorest, you hold particular rights over it. Where you have provided consent for us to contact you as part of our marketing services, you have the right to modify or withdraw your consent at any time by using the unsubscribe option accompanied with all of our direct marketing or by contacting the Phorest Data Protection Officer. 

You also have the right: 

  • To be informed of how your personal data will be used before it is collected. 
  • To access your personal data and to receive information on how your information is used after it has been gathered. 
  • To have personal data corrected if it is incomplete, inaccurate or out-of-date. 
  • To request the removal or deletion of personal data where there is no compelling reason for its continued processing. 
  • To restrict processing, to ‘block’ processing of your personal data. 
  • To data portability, having your data moved, copied or transferred from Phorest to another organisation in an easily readable format. 
  • To object to direct marketing from us. 

Special categories of personal data collected 

Health questions are asked in many of our business clients’ consent forms to potentially highlight treatments that may have a negative effect on your health due to medication you are taking or a condition you have. Phorest asks for consent prior to gathering and processing this information. At any time after giving consent, you can withdraw you consent, subject to legal, insurance and contractual restrictions (see more on ‘your rights as an individual’). Your privacy is very important to us and this information is only used for determining your suitability for the treatment. 

Process of collection 

Your personal data is collected when you provide it to us through Phorest software, our website, over the phone, in Phorest salons, by email, social media, in writing or any other means by which you provide it to us. Information is stored using the Phorest software platform. 

Phorest gives consumers access to information about their account and bookings through Phorest software, for the limited purpose of viewing and updating that information. 

Children’s Privacy 

Client businesses do not collect the personal data of children under the age of 13 without parental or guardian consent. If you believe that we hold any information from or about a child under age 13, please contact Phorest and if we cannot immediately obtain appropriate parental or guardian consent, will remove the personal data from storage. 

Data Sharing 

Your personal data is shared only with Phorest representatives in cases that customer support and troubleshooting is required for the salon. Phorest do not share your personal information with any third-party without your prior consent, other than those already disclosed in this privacy notice or as part of our legal obligations under the relevant data protection laws. 

Use of Data Processors 

Data processors are third parties who provide some elements of our business services for us. Where we use a third-party, we have strict agreements in place governing the processing of your personal data, on which no action can be taken without instruction from us. The third-parties with whom we work will never share or disclose your personal information and will hold it securely at all times. 

Phorest 

Clients utilise software provided by Phorest to manage their business, including but not limited to accepting bookings, organising appointments, taking payments etc. 

How Long Do We Keep Your Data? 

Phorest retains your personal data for as long as necessary to provide you with our services as our client. Phorest are required under tax laws to keep your personal data for a minimum of 7 years. Health and Safety records will be retained for 10 years and where we have your consent for marketing purposes, we will retain the minimum required data until you notify us that you no longer wish to receive such information. 

The criteria for which we would continue to process your personal information includes: 

  • Where there is a legal basis, obligation or legitimate interest to continuing processing your personal information 
  • Where processing is necessary for the establishment, exercise or defence of legal claims.

Cookies (if applicable) 

A ‘cookie’ is a small piece of data sent from a website and stored on the user’s computer by the user’s web browser while the user is browsing. When you visit a site that uses cookies for the first time, a cookie is downloaded onto your computer/mobile device so that the next time you visit that site, your device will remember useful information such as items added in the shopping cart, visited pages or login options. 

Our website relies on cookies to carry out certain functions and to tailor your user experience. Enabling these cookies is not strictly necessary for the website to work but it will provide you with a better browsing experience. You can delete or block these cookies, but if you do that some features of this site may not work as intended. You can control and/or delete cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work. 

Transfers of personal information 

When personal dataof persons located in the EU is processed through Phorest software, all of it is held within the EU. Your information is processed by the Phorest software and stored in the Amazon Web Services cloud infrastructure. During this process your data is encrypted in transit and at rest. 

Consequences of not providing your personal information to Phorest 

In the event that you want to purchase a product or service from Phorest, certain personal information is required to enter into a contract with you. Phorest will not be able to enter into a contract with you to fulfil an attempt to purchase a product or service if you do not provide your personal information. 

As noted in this privacy statement, we are processing your personal data to comply with legal and statutory obligations and in the performance of a contract. You can always choose not to provide personal information; however, we will be unable to provide certain products, services and treatments in these instances. 

Safeguarding your Personal Data 

Appropriate measures are taken to protect your personal data from access from unauthorized persons or inappropriate access, internal or external. Your connection to the Phorest system uses a HTTP Secure communication protocol and TLS security. This means all information passed to the Phorest system is encrypted during data input and transfer to the cloud. Any paper files recording your personal data are held in a locked filing cabinet or safe which can only be accessed by authorised personnel in the salon. Employees are only assigned specific access rights and can only access the salon software with the PIN number assigned to them by the management of the salon. 

Complaints 

In the occurrence that you want to make a complaint about how your personal data was gathered, how it is being processed by Phorest (or third parties used by Phorest) or you are not satisfied about how a complaint has been handled, you retain the right to lodge a complaint directly with the supervisory authority and Phorest and also the Phorest Data Protection Officer/ GDPR Owner. Phorest would appreciate the opportunity to assist you with your query before raising a complaint with Data Protection authorities. 

Data Protection Supervisory Authority: 

Data Protection Commissioner, Canal House, Station Road, Portarlington, Co. Laois, Ireland R32 AP23 +353 (0) 57 8684800 

Data Protection Commissioner, Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF +44 (0) 303 123 1113 

Phorest Data Protection Officer/GDPR Owner 

The data protection officer for the organisation is Garrett Ahern. All GDPR / data protection information requests / enquiries must be communicated to Phorest as follows: contact Phorest’s Data Protection Officer either by sending an email to gdprdpo@phorest.com or in writing to Data Protection Officer, Phorest, 9 Anglesea Row, Dublin 7, Ireland. Information requests / enquiries being made on behalf of a third party are not accepted by email and must be communicated solely in writing, on headed paper.

Click here to download our Phorest Privacy Notice