Privacy Policy

1. Introduction and Overview

Welcome to Hairs Affairs ("we," "our," or "us"). At Hairs Affairs, we are committed to protecting your privacy and the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website hairsaffairs.com (the "Site") or use our services.

We operate in accordance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG). By accessing or using our Site, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our Site.

2. Information Collection

We collect several types of information from and about users of our Site, including:

2.1 Personal Data

Personal data refers to any information that identifies you as an individual. We may collect the following personal data:

• Contact Information: Name, email address, telephone number, and postal address when you create an account, book an appointment, or contact us.
• Profile Information: Hair type, preferences, and styling history when you create a profile.
• Transaction Information: Details about purchases or services you have acquired from us, including appointment history.
• Correspondence: Records of your communications with us if you contact us directly.
• Photographs: If you choose to share photos of your hairstyles for consultation or portfolio purposes.

2.2 Non-Personal Data

We also collect non-personal data that does not directly identify you but helps us improve our services:

• Usage Data: Information about how you interact with our Site, including pages visited, time spent on pages, and navigation paths.
• Device Information: Information about your device, including IP address, browser type, operating system, and device identifiers.
• Location Data: General location information derived from your IP address.

3. Use of Information

We use the information we collect for various purposes, including:

• To provide and maintain our services, including processing appointments and managing your account.
• To personalize your experience and deliver content relevant to your hair type and preferences.
• To communicate with you, including responding to inquiries and providing customer support.
• To send you appointment reminders, updates, and marketing communications (with your consent).
• To improve our website, services, and customer experience.
• To analyze usage patterns and trends to enhance our offerings.
• To protect our rights, property, or safety, and that of our users or others.
• To comply with legal obligations and resolve disputes.

We process your personal data only when we have a legal basis to do so, such as:

• When you have given consent for specific purposes.
• When processing is necessary for the performance of a contract with you.
• When processing is necessary for compliance with a legal obligation.
• When processing is necessary for our legitimate interests, provided your fundamental rights do not override these interests.

4. Cookies and Tracking Technologies

Our Site uses cookies and similar tracking technologies to collect information about your browsing activities and to distinguish you from other users. This helps us provide you with a good experience when you browse our Site and allows us to improve our services.

4.1 Types of Cookies We Use

• Strictly Necessary Cookies: Essential for the operation of our Site and cannot be disabled.
• Analytical/Performance Cookies: Allow us to recognize and count visitors and analyze how users navigate our Site.
• Functionality Cookies: Enable our Site to remember choices you make and provide enhanced features.
• Targeting Cookies: Record your visit to our Site, the pages you visit, and the links you follow to deliver relevant advertisements.

4.2 Cookie Management

You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our Site may become inaccessible or not function properly. For more information about the cookies we use, please see our Cookie Policy.

5. Third-party Sharing

We may share your personal information with the following categories of third parties:

• Service Providers: We may share your information with third-party service providers who perform services on our behalf, such as payment processing, data analysis, email delivery, hosting services, and customer service.
• Business Partners: We may share your information with our business partners to offer you certain products, services, or promotions related to hair care and styling.
• Professional Advisors: We may share your information with professional advisors, such as lawyers, auditors, and insurers, where necessary in the course of professional services they render to us.
• Legal Requirements: We may disclose your information where required by law, regulation, or legal process, such as in response to a court order or subpoena.

We do not sell your personal information to third parties. Any third parties with whom we share your information are contractually obligated to process your data only on our instructions and in compliance with applicable data protection laws.

6. Data Storage and Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized or unlawful processing, accidental loss, destruction, or damage. The security measures we use are designed to provide a level of security appropriate to the risk of processing your personal information.

Your personal data is stored on secure servers located within the European Economic Area (EEA). We retain your personal information only for as long as necessary to fulfill the purposes for which we collected it, including satisfying any legal, accounting, or reporting requirements.

While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. You are responsible for maintaining the confidentiality of any account credentials and for limiting access to your computer or device.

7. User Rights

Under the GDPR and German data protection law, you have certain rights regarding your personal data:

• Right to Access: You have the right to request copies of your personal information.
• Right to Rectification: You have the right to request that we correct any inaccurate information or complete any incomplete information we have about you.
• Right to Erasure: You have the right to request that we delete your personal information in certain circumstances.
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal information in certain circumstances.
• Right to Data Portability: You have the right to request that we transfer your personal information to another organization or directly to you.
• Right to Object: You have the right to object to our processing of your personal information in certain circumstances.
• Right to Withdraw Consent: If we rely on your consent to process your personal information, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month. You also have the right to lodge a complaint with the German Federal Commissioner for Data Protection and Freedom of Information (BfDI) or your local data protection authority.

8. Children's Privacy

Our Site is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected], and we will take steps to delete such information from our systems.

9. International Data Transfers

We primarily process and store your personal data within the European Economic Area (EEA). However, in some cases, your personal data may be transferred to, and processed in, countries outside the EEA where our service providers are located. These countries may have data protection laws that differ from those in Germany and the EEA.

When we transfer your personal data outside the EEA, we ensure a similar degree of protection is afforded to it by implementing appropriate safeguards, such as:

• Using specific contracts approved by the European Commission that give personal data the same protection it has in Europe.
• Transferring data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
• Using service providers who are certified under the EU-US Privacy Shield Framework or similar mechanisms.

10. Changes to Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The updated version will be indicated by an updated "Last Updated" date at the top of this Privacy Policy. We encourage you to review this Privacy Policy frequently to stay informed about how we are protecting your information.

If we make material changes to this Privacy Policy, we will notify you by email or by posting a notice on our Site prior to the changes becoming effective. Your continued use of our Site after any changes to this Privacy Policy constitutes your acceptance of the revised Privacy Policy.

11. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Our Data Protection Officer can be contacted at the above email address.