All Collections
What else can I do to ensure I comply with GDPR?
What else can I do to ensure I comply with GDPR?
Written by Victor
Updated over a week ago

In order to comply with GDPR, it's important to:

  • Only upload customer data into Treatwell Pro from clients who have willingly provided their data in the course of making a direct booking with you (never from any other source) and only mark them as having consented to receive marketing if you have obtained GDPR consent.

  • Use strong passwords for Treatwell Pro.

  • Never share your Treatwell Pro login details.

  • Make full use of different access control types (for owners, receptionists, employees) to ensure salon employees have no more access to personal data than they need to perform their role.

  • Always ensure that login details are changed when an employee leaves.

  • Make sure your employees are aware of their responsibilities to GDPR and train them to understand the importance of looking after customer personal data. We all have a part to play.

  • If you have a website, ensure you have a GDPR compliant privacy statement that clients can see. You can find Treatwell’s current privacy statement here for the UK or here for IE.

  • Do not upload credit card details into Treatwell Pro as this is sensitive data that is not required to be held in Treatwell Pro.

  • Always think before writing notes into Treatwell Pro regarding customers and remember that all data could be requested by a client as part of a “Data Subject Access Request”. Only store data that you actually need.

Did this answer your question?