Facebook Instagram
book Appointment

GDPR Policy for Dirty Dogs Huyton

Dirty Dogs Huyton (“we”, “us”, “our”) is committed to protecting and respecting your privacy in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy sets out how we comply with our obligations under data protection law and explains your rights as a client.

1. Purpose of This Policy

The purpose of this GDPR Policy is to:

  • Ensure transparency in how we collect, store, use, and share personal data.

  • Confirm our compliance with UK GDPR principles.

  • Explain your rights under UK data protection law and how you can exercise them.

  • Provide assurance that your personal data is processed fairly, lawfully, and securely.

2. Data Protection Principles

We fully adhere to the seven key principles of the UK GDPR. Your personal data is:

  1. Processed lawfully, fairly, and transparently.

  2. Collected for specified, explicit, and legitimate purposes and not further processed in a way that is incompatible with those purposes.

  3. Adequate, relevant, and limited to what is necessary.

  4. Accurate and kept up to date.

  5. Stored only as long as necessary for the purposes collected.

  6. Processed securely using appropriate technical and organisational measures.

  7. Accountability: We take responsibility and can demonstrate compliance with all these principles.

3. What Data We Collect

We may collect and process:

  • Identity and contact details: name, phone number, email address, home address.

  • Dog details: name, breed, age, temperament, health notes (if relevant to grooming).

  • Appointment and service history.

  • Financial/transactional data (if you pay electronically).

  • Website usage data: IP addresses, cookies, and browsing behaviour.

4. Lawful Basis for Processing

We process your personal data under the following lawful bases:

  • Contract: to provide grooming services you have booked.

  • Legitimate interests: to manage our salon, keep records, and communicate with you.

  • Consent: for marketing communications and promotional offers (you can withdraw at any time).

  • Legal obligation: to comply with UK accounting, tax, and record-keeping requirements.

5. How We Use Your Data

We use your data to:

  • Manage appointments and provide dog grooming services.

  • Communicate with you about bookings, reminders, or service updates.

  • Tailor our service to your dog’s specific needs.

  • Send marketing (only with your consent).

  • Maintain accurate business and financial records.

  • Monitor and improve our website and customer experience.

6. Data Sharing and Transfers

We do not sell or trade your personal information. We may share your data only with:

  • Service providers acting on our behalf (e.g. booking systems, payment processors).

  • Professional advisors (e.g. accountants) where legally required.

  • Regulatory or legal authorities if required by law.

We do not transfer your data outside the UK/EEA unless adequate safeguards are in place.

7. Data Retention

We will not keep your data longer than necessary. Typical retention periods are:

  • Client records: kept for up to 3 years after your last appointment.

  • Financial/transactional records: up to 6 years (for HMRC compliance).

  • Marketing records: until you withdraw consent.

8. Data Security

We implement appropriate security measures to protect your data, including:

  • Password-protected systems and devices.

  • Restricted access to personal data on a “need-to-know” basis.

  • Secure disposal of outdated paper or digital records.

  • Regular reviews of data handling practices.

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right to be informed – about how your data is used (this policy).

  • Right of access – to request a copy of your data.

  • Right to rectification – to correct inaccurate information.

  • Right to erasure (“right to be forgotten”) – in certain circumstances.

  • Right to restrict processing – limit how we use your data.

  • Right to data portability – request transfer to another provider.

  • Right to object – to processing based on legitimate interests or marketing.

  • Rights related to automated decision-making – we do not use automated profiling.

To exercise any of these rights, please contact us (details below).

10. Data Breaches

If a personal data breach occurs that may put your rights and freedoms at risk, we will:

  • Notify the Information Commissioner’s Office (ICO) within 72 hours (where legally required).

  • Inform affected clients without undue delay if the breach is high-risk.

  • Keep detailed records of all breaches, regardless of impact.

11. Accountability and Training

We ensure GDPR compliance through:

  • Regular review of policies and data protection procedures.

  • Staff awareness and training (where applicable).

  • Maintaining records of processing activities.

12. Contact Details

If you have any questions or wish to exercise your rights, contact us

Type to search

Shopping cart

0
image/svg+xml

No products in the cart.

Continue Shopping