Studio Frid respects and protects your privacy. This notice sets out the different areas where user privacy is concerned and outlines the obligations and requirements of the users, the website at studofrid.no and the us, website owners. Furthermore, the way we use, store and protect any personal data we collect from you, or that you provide to us, will also be detailed within this policy.
The Information We Collect
When you book an appointment we collect personal details such as your name, email and telephone. This information is used identify you and contact you about the appointments and services you have booked. We may also use this information to communicate directly with you, including by sending you newsletters, promotions and special offers or information about new products and services. If you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by following the instructions included in such communications.
To provide a safe and effective massage treatment we also need to collect information such as your medical background and lifestyle choices. This information is only used to make sure your treatment is as effective as possible.
Whilst you use the website we also receive information about your computer such as your IP address, operating system and browser details. This information helps us provide a better browsing experience for you.
When you buy a gift voucher we collect personal details such as your name, email, recipient’s name and possibly a postal address. This information is used to identify you and provide the service you have requested.
When you provide us with your personal information in the course booking an appointment, completing your massage intake form, making a payment or contacting us about our services, you are giving your consent to us collecting that information and using it for that specific reason.
For the purpose of legal protection we are required to hold the personal information you have given to us in the course of provide you with massage services and the notes about those treatments for a minimum of seven years. Seven years after your last treatment we will permanently delete all your personal information that we hold. If you withdraw your consent during the seven year retention period, we will archive your data until the seven year period expires. Whilst your information is archived, we will not access or process it in any way accept if needed for legal protection or if we’re required to do so by law.
Should you wish to withdraw your consent at any time please email firstname.lastname@example.org with your request.
We may also use your information to communicate directly with you, including by sending you newsletters, promotions and special offers or information about new products and services. If you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by following the instructions included in such communications. Please note, however, that you may be unable to opt-out of certain service-related communications.
How can I access, update or amend my personal information?
You have the right to review the personal information we store about you and your massage sessions at any time. You also have the right to request we update or amend your data if it is incorrect. To action any of these rights, please email email@example.com with your request.
Unless required to do so by law, we will not otherwise share, sell or distribute any of the information you provide to us without your consent.
Data Handling & Storage
Our appointment booking and document service is provided by Acuity Scheduling. They specialise in providing secure collection, processing and storage personal data worldwide.
Your data is stored through Acuity Scheduling using their data storage facilities, databases and the Acuity Scheduling web framework, on secure servers is always encrypted when in storage and whilst being transmitted across the internet.
If you choose to pay for your massage with a debit or credit card your information will be passed to our payment processors – either PayPal or Stripe for online card payments or iZettle for card payments in person.
We never store your credit card details, it is always processed by third-parties. It is encrypted through the Payment Card Industry Security Standard (PCI-DSS).
Both PayPal and Stripe offer a service whereby you can pay online quickly using credit or debit card details previously stored with them. We can’t see your stored card details or information.
Paypal, Stripe and iZettle all adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
In general, the third-party providers we use will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. If you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Norway and your transaction is processed by a payment gateway located in the United States, then your personal information used to complete that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click links on our website, they may direct you away from our website. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
If this business is acquired or merged with another business, your information may be transferred to the new owners so that they may continue to provide you with the massage services you have requested.
Questions & Contact Information
To request your information is updated, amended or deleted, or if you have any questions about how your information is collected, stored and used, please email firstname.lastname@example.org.
If, for any reason, you are unhappy with how we are handling your data, please raise your concerns with us first at email@example.com, so that we may find a resolution.