Harrison's Beauty

Data Protection

Privacy Policy

How we collect, use, and protect your personal information in accordance with GDPR and UK data protection laws.

At a Glance

Data Controller:HARRISON JAMES LTD
Lawful Basis:Consent & Legitimate Interest
Data Retention:As required by law
Your Rights:Access, correction, deletion

Introduction

Harrison's Beauty ("we", "our", or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, and protect your data when you visit our website https://harrisonsbeauty.com or make a purchase.

This policy applies to all users of our website and customers who purchase our products. By using our website and services, you agree to the collection and use of information in accordance with this policy.

HARRISON JAMES LTD (14883325) is the data controller for your personal information.

Information We Collect

Personal Information

  • • Name and contact details (email, phone, address)
  • • Payment information (processed securely by payment providers)
  • • Order history and purchase preferences
  • • Communication preferences

Technical Information

  • • IP address and browser information
  • • Device information and usage data
  • • Cookies and similar tracking technologies
  • • Pages visited and time spent on our site

Communication Data

  • • Email correspondence and support requests
  • • Customer feedback and reviews
  • • Newsletter subscriptions (if applicable)

How We Use Your Information

Service Provision

  • • Process and fulfill your orders
  • • Provide customer support
  • • Send order confirmations and updates
  • • Manage returns and refunds

Marketing & Communication

  • • Send promotional emails (with consent)
  • • Personalize your shopping experience
  • • Recommend relevant products
  • • Conduct market research

Legal & Security

  • • Comply with legal obligations
  • • Prevent fraud and protect our systems
  • • Enforce our terms and conditions
  • • Ensure website security

Legal Basis for Processing

We process your personal information based on the following legal grounds under GDPR:

Contractual Necessity: To fulfill our obligations under your purchase agreement.
Legal Obligation: To comply with UK laws and regulations.
Legitimate Interest: For marketing, security, and business improvement purposes.
Consent: When you explicitly agree to specific data processing activities.

Data Sharing & Third Parties

We may share your information with carefully selected third parties to provide our services:

Payment Processors: Stripe, PayPal, and other payment providers to process transactions securely.
Shipping Partners: Royal Mail, DHL, and other couriers to deliver your orders.
Shopify: Our e-commerce platform for order management and secure checkout.
Analytics Tools: Google Analytics or similar tools to understand website usage.
Email Service: Mail providers to send order confirmations and customer communications.

All third parties are carefully vetted and contractually bound to protect your data in accordance with GDPR.

Your Rights

Under GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data
  • Portability: Request transfer of your data to another service
  • Restriction: Request restriction of processing
  • Objection: Object to processing based on legitimate interest
  • Withdraw Consent: Withdraw consent at any time

Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • • SSL encryption for all data transmissions
  • • Secure payment processing through PCI-DSS compliant providers
  • • Regular security audits and vulnerability assessments
  • • Access controls and authentication systems
  • • Staff training on data protection

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

Data Retention

We retain your personal information only as long as necessary for the purposes outlined in this policy:

  • Order Data: 7 years for tax and legal purposes
  • Account Information: Until you request deletion
  • Marketing Data: Until you unsubscribe or withdraw consent
  • Analytics Data: 26 months (Google Analytics default)

After the retention period, data is securely deleted or anonymized.

Cookies and Tracking

We use cookies and similar technologies to enhance your experience and analyze website usage. Our cookie consent mechanism ensures you have control over which cookies are used.

  • Essential Cookies: Required for basic website functionality and shopping cart
  • Analytics Cookies: Google Analytics to understand how visitors use our site (with consent)
  • Shopping Cart Cookies: Remember items in your cart during your visit

Analytics Cookies

Google Analytics: We use Google Analytics 4 (GA4) to understand how our website is used and improve our services.

What we collect:
  • • Pages visited and time spent on our site
  • • Device and browser information
  • • General location (country/region, not precise location)
  • • How you arrived at our site (referral source)
How we use it:
  • • To understand which products are most popular
  • • To identify and fix website issues
  • • To improve user experience and navigation
  • • To measure the effectiveness of our marketing
Your choice:
  • • Analytics cookies only run after you accept them
  • • You can reject all cookies and still use our site
  • • You can change your preferences at any time
  • • Data is anonymized and aggregated, never personally identifying

Data Processing: Google Analytics processes data in accordance with Google's privacy policy. We use anonymized IP addresses and do not collect personally identifiable information through analytics.

Opt-out: You can opt out of Google Analytics by installing theGoogle Analytics Opt-out Browser Add-on.

You can control cookie preferences through our cookie consent banner or your browser settings. Disabling cookies may affect some website functionality.

International Data Transfers

Your personal information may be transferred to countries outside the UK/EEA when using third-party services (e.g., Shopify, Google Analytics). We ensure adequate protection through:

  • • EU Standard Contractual Clauses (SCCs)
  • • GDPR adequacy decisions
  • • Binding corporate rules where applicable

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We'll notify you of any material changes by:

  • • Posting the updated policy on our website
  • • Sending an email notification for significant changes
  • • Displaying a notice on our website

Your continued use of our services after any changes indicates acceptance of the updated policy.

Contact Us About Privacy

If you have any questions about this Privacy Policy or want to exercise your data rights, please contact our Data Protection Officer:

Email: harrisonjamesllc@outlook.com

Company: HARRISON JAMES LTD

Address: 31 Tudor Way, Brackley, England, NN13 6NH

Company Number: 14883325