Privacy Policy

1. Who We Are

Business Name: Noir Standard Barbershop

Address: Your business address in NL

Email: Your contact email

As the Data Controller, we determine how and why your personal data is processed.

2. Personal Data We Collect

We may collect the following categories of personal data:

Identity Data: name, date of birth (if required for services).

Contact Data: phone number, email address.

Booking Data: appointment details, service preferences.

Payment Data: card details (processed securely by third-party providers, not stored by us).

Website Data: IP address, cookies, browsing activity (see Section 8 on cookies).

3. How We Use Your Data

We use your data for the following purposes:

To manage appointments and provide our services.

To communicate with you about bookings, cancellations, or changes.

To process payments and issue receipts.

To send you service updates, offers, or promotions (only if you consent).

To comply with legal obligations (e.g., tax and accounting laws).

4. Legal Basis for Processing

We process your personal data only where we have a valid legal basis under GDPR:

Contract: to perform our services (e.g., booking and managing appointments).

Consent: when you opt-in for marketing communications.

Legal Obligation: to comply with Dutch tax and business regulations.

Legitimate Interest: to improve our services and website security.

5. Sharing Your Data

We do not sell or rent your data. We may share it with:

Service providers: e.g., booking software, payment processors, email platforms.

Legal authorities: where required by law or to protect our legal rights.
All partners are GDPR-compliant and process your data securely.

6. Data Retention

We keep your personal data only as long as necessary:

Booking and contact details: up to 2 years after your last appointment.

Invoices and payment records: up to 7 years (as required by Dutch tax law).

Marketing data: until you withdraw consent.

7. Your Rights

You have the following rights under GDPR:

Access: request a copy of your personal data.

Rectification: correct inaccurate or incomplete data.

Erasure ("Right to be Forgotten"): request deletion of your data.

Restriction: limit how we process your data.

Portability: receive your data in a machine-readable format.

Objection: object to certain processing, including marketing.

Withdraw Consent: withdraw consent at any time.

To exercise these rights, contact us at DATA CONTROLLER EMAIL.

8. Cookies & Website Tracking

Our website uses cookies to improve your browsing experience and analyze site traffic.

You can manage cookie preferences in your browser settings.

9. International Transfers

We do not transfer your data outside the European Economic Area (EEA). If any service provider stores data outside the EEA, we ensure adequate safeguards are in place (e.g., EU Standard Contractual Clauses).

10. Security

We take appropriate technical and organizational measures to protect your data, including encryption, access controls, and staff training.

11. Complaints

If you believe we have mishandled your data, please contact us first.
You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens): https://autoriteitpersoonsgegevens.nl.

12. Updates to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on our website, and significant changes will be communicated to you directly (where possible).