Site Logotype Site Logotype Dark
Book Appointment

Privacy Policy

Last Updated: November 2025

1. Introduction

The Brazilian Wax (“we,” “us,” “our”) is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our services, booking appointments, or visiting our website, you consent to the collection and use of your personal data as described in this Privacy Policy.

Data Controller

The Brazilian Wax is the data controller responsible for your personal data.

2. What Personal Data We Collect

We collect and process the following types of personal data:

Information You Provide to Us

When you book an appointment or use our services:

  • Full name
  • Phone number
  • Email address
  • Date of birth (to verify age requirements)
  • Payment information (credit/debit card details, billing address)
  • Appointment history and service preferences
  • Health information (medical conditions, medications, allergies, contraindications disclosed during consultation)

When you contact us:

  • Name, email address, phone number
  • Any information you provide in your message or inquiry
  • When you visit our website:
  • IP address
  • Browser type and version
  • Device information
  • Pages visited and time spent on our website
  • Referring website or source
  • Cookies and similar tracking technologies (see Section 10)

When you consent to marketing:

  • Email address and/or phone number for promotional communications
  • When you consent to photography:
  • Photos of treatment results (anonymized unless you consent otherwise)

3. How We Use Your Personal Data

We use your personal data for the following purposes:

Service Delivery
  • To process and confirm your appointment bookings
  • To provide waxing and beauty services
  • To communicate with you about your appointments (confirmations, reminders, rescheduling)
  • To process payments and issue receipts
  • To maintain records of services provided
  • Health & Safety
  • To assess contraindications and ensure your safety during treatments
  • To maintain hygiene and safety standards
  • To follow up on any adverse reactions or complaints
Business Operations
  • To manage cancellations, no-shows, and refunds
  • To improve our services and customer experience
  • To respond to inquiries, complaints, and feedback
  • To maintain business records and accounts
Marketing (with your consent)
  • To send promotional emails, special offers, and news about our services
  • To send SMS marketing messages (if you opt in)
  • To share before/after photos and testimonials (only with explicit consent)
Legal Obligations
  • To comply with legal and regulatory requirements
  • To protect our legal rights and prevent fraud or misuse of services
Legal Basis for Processing
  • We process your personal data based on the following legal grounds:
  • Contract performance: To provide services you have booked
  • Consent: For marketing communications and photography
  • Legitimate interests: To operate our business, improve services, and prevent fraud

Legal obligation: To comply with tax, accounting, and health & safety laws

4. How We Share Your Personal Data

We do not sell, rent, or trade your personal data to third parties. However, we may share your information with trusted third parties in the following circumstances:

Service Providers & Partners

We may share your data with third-party service providers who help us operate our business, including:

  • Payment processors (e.g., Stripe, Square, PayPal) to process card payments securely
  • Booking and scheduling platforms (e.g., online booking systems) to manage appointments
  • Email and SMS providers (e.g., Mailchimp, Twilio) to send appointment confirmations and marketing (with consent)
  • Accounting and bookkeeping services to maintain financial records
  • Website hosting and IT support to maintain our website and systems

These third parties are contractually obligated to protect your data and use it only for the purposes we specify.

Legal Requirements

We may disclose your personal data if required by law, court order, or regulatory authority, or to protect our legal rights, prevent fraud, or ensure the safety of our staff and clients.

Business Transfers

In the event of a sale, merger, or acquisition of our business, your personal data may be transferred to the new owner, subject to the same privacy protections.

5. How We Store & Protect Your Personal Data
Data Security

We take data security seriously and implement appropriate technical and organizational measures to protect your personal data, including:

  • Secure storage of physical records (locked cabinets with restricted access)
  • Encrypted digital storage and secure password-protected systems
  • Secure payment processing (we do not store full credit card details)
  • Regular staff training on data protection and confidentiality
  • Access controls (only authorized staff can access personal data)
Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law.

Retention Periods:

  • Appointment and service records: 7 years (for accounting, tax, and legal purposes)
  • Marketing consent records: Until you withdraw consent or we cease marketing activities
  • Health information: 7 years (in line with health and safety record-keeping requirements)
  • Payment records: 7 years (for tax and accounting purposes)
  • Website analytics and cookies: Up to 2 years (see Cookie Policy)
  • After the retention period, we will securely delete or anonymize your personal data.

6. Your Data Protection Rights

Under UK GDPR, you have the following rights regarding your personal data:

Right to Access

You have the right to request a copy of the personal data we hold about you. We will provide this free of charge within one month of your request.

Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal data.

Right to Erasure (“Right to be Forgotten”)

You have the right to request that we delete your personal data in certain circumstances, such as:

  • The data is no longer necessary for the purposes it was collected
  • You withdraw consent (where consent was the legal basis)
  • You object to processing and there are no overriding legitimate grounds
  • The data was unlawfully processed

Please note: We may be required to retain certain data for legal or regulatory purposes (e.g., accounting records for 7 years).

Right to Restrict Processing

You have the right to request that we restrict processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to processing.

Right to Data Portability

You have the right to request that we transfer your personal data to another organization or provide it to you in a structured, commonly used, machine-readable format.

Right to Object

You have the right to object to processing of your personal data for:

  • Direct marketing purposes (you can opt out at any time)
  • Processing based on legitimate interests
Right to Withdraw Consent

If we process your personal data based on your consent (e.g., marketing emails, photography), you have the right to withdraw consent at any time. This will not affect the lawfulness of processing before consent was withdrawn.

How to Exercise Your Rights

To exercise any of these rights, please contact us. We will respond to your request within one month. If your request is complex or we receive multiple requests, we may extend this period by up to two months and will notify you.

Right to Complain

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).

7. Marketing Communications

We may send you marketing communications (emails, SMS ) about our services, special offers, and promotions only if you have given us consent or if you are an existing client and we are promoting similar services (soft opt-in).

How We Use Your Data for Marketing
  • Email newsletters and promotional offers
  • SMS messages about special offers or appointment reminders (if you opt in)
  • Social media posts featuring anonymized before/after photos (with explicit consent)
How to Opt Out

You can opt out of marketing communications at any time by:

  • Clicking the “unsubscribe” link in any marketing email
  • Replying “STOP” to any marketing SMS
  • Contacting us directly to request removal from our marketing list
  • Updating your preferences in your online account (if applicable)

Please note: Opting out of marketing will not affect transactional communications (appointment confirmations, reminders, receipts), which are necessary for service delivery.

8. Third-Party Links

Our website may contain links to third-party websites (e.g., social media, booking platforms, payment processors). We are not responsible for the privacy practices of these external sites. Please review their privacy policies before providing any personal data.

9. International Data Transfers

Your personal data is stored and processed within the United Kingdom. If we transfer data outside the UK or European Economic Area (EEA) (e.g., to third-party service providers), we will ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by the UK ICO
  • Adequacy decisions confirming the recipient country has adequate data protection laws
  • Binding corporate rules or certification schemes (e.g., Privacy Shield equivalents)

10. Cookies & Website Tracking

Our website uses cookies and similar tracking technologies to improve your browsing experience and analyze website traffic.

What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help us remember your preferences, analyze how you use our site, and improve functionality.

Types of Cookies We Use

Strictly Necessary Cookies:
These cookies are essential for the website to function properly (e.g., booking system, payment processing). You cannot opt out of these cookies.

Performance & Analytics Cookies:
These cookies collect anonymous information about how visitors use our website (e.g., Google Analytics). This helps us improve our site and understand user behavior.

Functionality Cookies:
These cookies remember your preferences (e.g., language, location) to provide a more personalized experience.

Marketing & Advertising Cookies:
These cookies track your browsing activity to deliver targeted ads and measure the effectiveness of marketing campaigns (e.g., Facebook Pixel, Google Ads).

Managing Cookies

You can control and delete cookies through your browser settings. Please note that disabling certain cookies may affect website functionality.

Browser Settings:

  • Chrome: Settings > Privacy and Security > Cookies
  • Firefox: Settings > Privacy & Security > Cookies
  • Safari: Preferences > Privacy > Cookies
  • Edge: Settings > Privacy, Search, and Services > Cookies

For more information, visit: https://www.aboutcookies.org

11. Children’s Privacy

Our services are not intended for individuals under the age of 16 (or under 18 for intimate waxing ). We do not knowingly collect personal data from children without parental consent.

If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. Any changes will be posted on our website with the updated date.

We encourage you to review this Privacy Policy periodically. Continued use of our services after changes are made constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us:

The Brazilian Wax
1st Floor, 239 High Holborn
London, WC1V 7EW
(Entrance from Little Turnstile Street)

Email: 07927 560046
Phone: thebrazilianwaxlondon@gmail.com
Website: https://thebrazilianwax.co.uk

By using our services and website, you acknowledge that you have read and understood this Privacy Policy.