Privacy Policy

Introduction

crispend-io respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard information about you when you use our website or engage our services.

This policy applies to all clients, prospective clients, and website visitors. By using our website or services, you accept the practices described in this document.

Information We Collect

We collect and process different types of personal information depending on how you interact with us:

Contact Information

When you reach out to us via email or through our website, we collect your name, email address, and any details you choose to share about your styling needs or preferences. This information helps us respond appropriately to your enquiry.

Service Information

During consultations and styling sessions, we gather information about your style preferences, body measurements, colour analysis results, wardrobe inventory, and lifestyle requirements. This data enables us to provide personalised recommendations tailored to your specific needs.

Payment Information

For service bookings, we collect billing details necessary to process payments. Financial transactions are handled through secure third-party payment processors. We do not store complete credit card information on our systems.

Website Usage Data

Our website collects standard technical information including IP addresses, browser type, device information, and pages visited. This data helps us understand how visitors use our site and improve the user experience.

How We Use Your Information

We use the personal data we collect for specific, legitimate purposes:

Service Delivery

Your information allows us to provide the styling services you've requested. This includes conducting consultations, preparing personalised recommendations, scheduling appointments, and following up on your progress.

Communication

We use your contact details to respond to enquiries, confirm appointments, send service-related updates, and provide follow-up support after sessions.

Business Operations

Personal data helps us manage bookings, process payments, maintain accurate records, and handle any disputes or complaints that may arise.

Improvement and Analysis

Aggregated and anonymised data helps us understand client needs, improve our services, and make informed business decisions. We analyse trends to enhance the quality of our consultations.

Legal Basis for Processing

Under data protection law, we process your personal information based on one or more of the following legal grounds:

Contract Performance: Processing is necessary to fulfil our service agreement with you, including delivering consultations and managing bookings.

Legitimate Interests: We process certain data to operate our business effectively, improve our services, and communicate with clients in appropriate ways.

Legal Obligations: Some processing is required to comply with legal requirements, such as maintaining financial records for tax purposes.

Consent: In specific situations, we ask for your explicit consent before processing particular types of personal data.

Data Sharing and Disclosure

We do not sell or rent your personal information to third parties. We share data only in limited circumstances:

Service Providers

We work with trusted third-party service providers who assist with payment processing, email communications, and website hosting. These providers access personal data only to perform specific tasks on our behalf and are contractually obligated to maintain confidentiality.

Legal Requirements

We may disclose personal information if required by law, court order, or governmental regulation. We will also share data if necessary to protect our legal rights, prevent fraud, or ensure safety.

Business Transfers

In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the acquiring entity. We would notify affected individuals of any such transfer.

Data Retention

We retain personal information only as long as necessary for the purposes described in this policy or as required by law.

Client records, including consultation notes and style profiles, are kept for up to seven years after your last interaction with us. This allows us to provide continuity if you return for additional services and meets financial record-keeping requirements.

Email correspondence is retained for three years unless you request earlier deletion. Website usage data is typically retained for two years.

After the retention period expires, we securely delete or anonymise personal data so it can no longer identify you.

Your Rights

Data protection law grants you specific rights regarding your personal information:

Access

You can request a copy of the personal data we hold about you. We will provide this information in a commonly used electronic format.

Correction

If personal information we hold is inaccurate or incomplete, you have the right to request corrections or updates.

Deletion

In certain circumstances, you can ask us to delete your personal data. We will comply unless we have a legitimate reason to retain it, such as legal obligations.

Restriction

You may request that we restrict how we use your personal data in specific situations, such as while we verify the accuracy of information you've disputed.

Objection

You can object to processing based on legitimate interests. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests.

Portability

For data you've provided to us, you can request that we transfer it to another service provider in a structured, machine-readable format.

Withdraw Consent

Where processing relies on your consent, you may withdraw that consent at any time. This does not affect the lawfulness of processing that occurred before withdrawal.

To exercise any of these rights, contact us at [email protected]. We will respond within one month of receiving your request.

Security Measures

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction.

Our security practices include encrypted data transmission, secure server infrastructure, access controls limiting who can view personal information, and regular security assessments.

While we take reasonable precautions, no internet transmission or electronic storage method is completely secure. We cannot guarantee absolute security but continuously work to maintain appropriate safeguards.

International Transfers

Our primary operations are based in the United Kingdom. Some third-party service providers we use may process data outside the UK or European Economic Area.

When we transfer data internationally, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by regulatory authorities or adequacy decisions recognising equivalent data protection standards.

Children's Privacy

Our services are not directed at individuals under sixteen years of age. We do not knowingly collect personal information from children. If we become aware that we have inadvertently gathered data from a child, we will delete it promptly.

Cookies and Tracking

Our website uses cookies and similar technologies. For detailed information about what cookies we use and how to manage them, please see our Cookies Policy.

Third-Party Links

Our website may contain links to external sites not operated by us. We have no control over the content or privacy practices of these sites and are not responsible for their policies. We encourage you to review the privacy policy of any third-party site you visit.

Changes to This Policy

We may update this privacy policy periodically to reflect changes in our practices or legal requirements. When we make significant changes, we will update the "last updated" date at the top of this page.

If changes substantially affect how we handle your personal data, we will notify you via email or through a prominent notice on our website before the changes take effect.

We encourage you to review this policy regularly to stay informed about how we protect your information.

Contact and Complaints

If you have questions about this privacy policy or how we handle your personal data, please contact us:

Email: [email protected]
Address: 42 Kensington Church Street, London, W8 4BX, United Kingdom

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection matters. Visit www.ico.org.uk for more information.