Privacy Policy

Last updated: 12/04/26

1. Who I am

This Privacy Policy explains how Tomilola Beauty (“I”, “me”, “my”) collects and uses your personal data.

If you have any questions or would like to make a data request, you can contact me at:
Email: tomilolabeauty.bookings@gmail.com

2. What personal data I collect

When you book an appointment or contact me, I may collect the following personal data:

  • Your name

  • Your email address

  • Your phone number (if provided)

3. How I use your data

I use your personal data to:

  • Manage and schedule your appointments

  • Contact you regarding your booking (e.g. confirmations, reminders, updates)

  • Provide makeup services

I will only use your personal data for marketing purposes if you have explicitly opted in to receive such communications.

4. Lawful basis for processing

Under UK GDPR, I rely on the following lawful bases:

  • Contract – to provide the services you have booked

  • Legitimate interests – to manage my business and communicate effectively with clients

If you opt in to receive marketing communications, I rely on:

  • Consent – which you can withdraw at any time

5. How your data is stored

I use trusted third-party platforms to manage my business, including:

  • Squarespace (website hosting)

  • Acuity Scheduling (appointment booking)

  • Stripe (payment processing)

If you make a payment or pay a deposit, your payment details are processed securely by Stripe. I do not have access to your full card details.

These providers act as data processors and may securely store your data on their systems in accordance with applicable data protection laws.

6. How long I keep your data

I retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy. Typically:

  • Up to 12 months after your last appointment

I may retain certain information for longer where required for legal, tax, or insurance purposes.

7. Sharing your data

I do not sell, rent, or trade your personal data.

Your data is only shared with trusted third-party service providers where necessary to operate my business, such as booking systems and payment processors (e.g. Stripe).

8. Your rights

Under UK GDPR, you have the right to:

  • Request access to your personal data

  • Request correction of inaccurate or incomplete data

  • Request deletion of your data

  • Object to or request restriction of processing

To exercise any of these rights, please contact me using the details above.

9. Data security

I take appropriate technical and organisational measures to protect your personal data, including secure systems and password protection.\

10. Cookies

This website uses cookies to ensure it functions properly and to understand how visitors use the site.

Essential cookies
These are required for core functionality, such as booking systems and security. These cannot be switched off.

Analytics cookies
I use analytics tools provided by Squarespace to collect information about how visitors use my website (such as pages visited and time spent on the site). This helps me improve my website and services.

When you visit this website, you will be given the option to accept or manage cookies.

This website is hosted on Squarespace, which may place cookies as part of its services, including analytics and functionality.

You can also control cookies through your browser settings. Please note that disabling essential cookies may affect how the website functions.

10. Changes to this policy

I may update this Privacy Policy from time to time. Any updates will be posted on this page, and the “Last updated” date will be revised accordingly.