top of page

privacy policy

Privacy Policy in accordance with GDPR for Grace Lydia Pro Makeup Artistry.

This privacy policy in regard to the GDPR Compliance clearly explains and discloses the ways in that we receive data and how we store data if for any reason we may be required to do so.
This is to fulfil the legal requirement to protect a client/visitors privacy.

What type of data do we collect?
We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet; e-mail address; name; computer information; phone number; booking address and any sensitivities to products. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, and email communications); payment details (by email, no credit/debit card information will be stored on the website, only by email reference*), comments, feedback,  reviews, recommendations, and personal profile if one is created.

How do we collect information?

When you contact us, either via email or through one of our social media pages, regarding a booking, we will take your name, address where the makeup or hair service is taking place, email address and contact number for reference. You will be given details to which you can pay the deposit/booking fee, we do not store any payment details*. We will also take down any details for the bridal party if a wedding booking is taking place and also any medical records such as allergies to products or sensitivities (you will also fill out a consent form (we will also ask for consent to take photos and post them on social media and website) and client record card to state any allergies, medications or sensitivities as well as health conditions which all paper forms will be locked away in a cabinet that only I have access to however you can view your own client record card and consent form and you also have the right to ask for them to be destroyed however if this is the case I will not be able to perform future treatments without a form of consent or any written or noted consent.)

we collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated above only.


Why do you collect such sensitive information?

We collect such Non-personal and Personal Information for the following purposes:

  1. To provide and operate the Services;

  2. To cover for consent purposes and also to cover ourselves in accordance with our public and professional liability insurance with BABTAC/Balens.

  3. To provide our Users with ongoing customer assistance and technical support;

  4. To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;

  5. To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services; 

  6. To comply with any applicable laws and regulations.

How do you store, use, share and disclose your site visitors’ personal information?

Our company website is hosted on the platform. provides us with the online platform that allows us to sell our services to you. Your data may be stored through’s data storage, databases and the general applications. They store your data on secure servers behind a firewall. This website is run on an Encrypted computerised device, in which only the company owner has access to it. Therefore no data will pass through any other way than this website, the email or texts or messages through social media to and from the company owner Grace Lydia and the client. Every form via paper is locked away in a secure unit I, Grace Lydia am the only one to Have access to, and if Said client wants to see their file then I will be able to retrieve it for them. The laptop device is encrypted and multiple password protected so that it cannot be used for anything except business matters and I, Grace Lydia am the only person to have access however clients can request me to send their personal file to themselves via a secure email. Grace Lydia’s smartphone is  also password protected, thumb print protected and encrypted so that data is securely protected. All clients have the option and consent to be able to ask Grace Lydia to delete any messages or emails  or shred any documents and remove them from the files however they must accept that if they did want any more treatments, Grace Lydia would not be able to perform any treatments until new consent and client cards are filled out otherwise insurance is not covered to perform treatments. Clients will be asked for consent to be kept notified on offers, consent to have treatments performed, photos to be took and used for social media purposes and on website.


How do you communicate with your site visitors?

We may contact you to notify you regarding your booking, to troubleshoot any problems with said booking if any problem occurs with either the deposit, payment or data entry, to resolve a dispute, to collect deposit/booking fee or monies owed, to poll your opinions through surveys or questionnaires, to give feedback and reviews on services, to send updates about our company, or as otherwise necessary to contact you to enforce our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and postal mail, you will also be asked for your consent to send you mail and to give you a chance to opt in or out at every opportunity.

How do you use cookies and other tracking tools?

The cookies used on this website are listed below:

-svSession is a Permanent cookie which Creates activity and BI

-hs is a Session cookie which is used for Security

-incap_ses_${Proxy-ID}_${Site-ID} is a Session cookie which is used for Security

-incap_visid_${Proxy-ID}_${Site-ID} is a Session cookie which is used for Security

-nlbi_{ID} is a Persistant cookie which is used for Security

-XSRF-TOKEN is a Persistant cookie which is used for Security

-smSession is a cookie that has a two week life span and is used for identifying site members logged in

We also use google analytics that work by tracking your IP address in order to determine how many visitors are from a certain area, age range and often gender to establish a target audience. This can be seen by typing my website in to the google analytics website for any information. Data is simply used to determine the target audience visiting this website.

All consent forms and client record cards are kept for 7 years and then securely destroyed unless the client asks for them or asks for them to be destroyed before then.

bottom of page