top of page
Image by Chandra Oh

& Privacy Policy



This Privacy Policy details how we, Glam AF, collect, use and process personal data. If you have any questions on this Privacy Policy or otherwise relating to how we process your personal data you can contact us at

This privacy policy affects your legal rights and obligations so please read it carefully. If you do not agree to be bound by this Privacy Policy, please do not provide your personal data to us.

We may update this Privacy Policy from time to time at our discretion and in particular to reflect any changes in applicable laws. If we do so, and the changes substantially affect your rights or obligations, we shall notify you if we have your email address. Otherwise, you are responsible for regularly reviewing this Privacy Policy so that you are aware of any changes to it.

We are the controller of the personal data provided to us for the purposes of applicable data protection legislation.


We receive, collect and Store any information you enter on our website or provide us is any other way. In addition, we collect the internet protocol (IP) address used to connect your computer to the internet; login; email address; password; computer and connection information and purchase history. We may use software tools to measure and collect session information, including page response times, length of visit to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communication); payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile.


By personal data we mean identifiable information about you, such as your first name and last name, email address, geographical address, mobile and home telephone number, your IP address or a photo of your hair from the salon.


From time to time you may provide to us personal data. This may be because you wish to:

  • use our website;

  • visit the salon;

  • book an appointment with us;

  • sign up to receive marketing information from us;

  • provide feedback or reviews to us;

  • provide services to us; or

  • otherwise contact us including with queries, comments or complaints.

You may provide personal data to us directly, or to us via our social media platforms.

We may collect, use, store and transfer different kinds of personal data about you:

  • Identity Data: includes first name, last name, username, or similar identifier, title, date of birth and gender;

  • Contact Data: includes billing address, delivery address, email address and telephone numbers;

  • Transaction Data: includes details about payments and from young other details of products and services you have purchased from us;

  • Technical Data: include internet protocol (IP) address, your login data, browser type and version, time zone, settings and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website;

  • Profile Data: includes your username and password, purchases or orders made by you, preferences, feedback and service details;

  • Allergy Test Data: includes allergy test information and details of any medical conditions that might affect services;

  • Usage Data: includes information about how you use our website, products and services;

  • Marketing and Communications Data: includes your preferences in receiving marketing from us and our third parties and your communication preferences;

We shall process all such personal data in accordance with this Privacy Policy. Certain personal data is mandatory to be provided to us in order that we can fulfil your request.

All personal data that you provide to us must be true, complete and accurate. If you provide us with inaccurate or false data, and we suspect or identity fraud, we will record this and we may also report this to appropriate authorities.

When you contact us by email or post , we may keep a record of the correspondence.

We may also take photos or video content of you while you are in the salon and use this content across our social media platforms and website for marketing purposes.


When you use our platform, we may automatically collect and store information about your device and your activities. This information could include:

  • technical information about your device such as type of device, web browser or

  • operating system;

  • your preferences and settings such as time zone and language;

  •  how long you used the app and which services and features you used.

Some of this information is collected using cookies and similar tracking technologies. If you want to find out more about the types of cookies we use, why, and how you can control them, please see our cookies policy.


If we reasonably believe that any of the personal data you have provided to us is inaccurate, we may receive further personal data from third parties, confirming or otherwise, your identity.

We may also receive personal data about you from our security service partners and any payment providers we may engage. We currently use PayPal to manage payments.


We will only use your personal data where we have a lawful basis to do so. The lawful purposes that we rely on under this Privacy Policy are:

  • consent (where you choose to provide it);

  • compliance with legal requirements; and

  • legitimate interests

When we refer to legitimate interests we mean our legitimate business interests in the normal running of our business which do not materially impact your rights, freedom or interests.

We may from time to time need to use your personal data to comply with any legal obligations, demands or requirements, for example, as part of anti-money laundering processes or to protect a third parties rights, property, or safety.


Glam AF is hosted on the platform. provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through data storage, databases and general applications. They store your data on secure servers behind a firewall.

All direct payment gateways offered by and used by Glam AF adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and service providers.

For our legitimate interests, we may share your personal data with our service providers, sub-contractors and agents that we may appoint to perform functions on our behalf and in accordance with outr instructions, including IT service providers, payment providers, accountants, auditors and lawyers.

We shall provide our service providers, sub-contractors and agents only with such of your personal data as they need to provide the service for us and if we stop using their services, we shall request that they delete your personal data or make it anonymous within their systems.

We currently use and  MailChimp who manage our online registrations and emails.

We currently use photo and video content captured in the salon for marketing purposes across our social media profiles and websites. The stylist may also use the photo or video content for marketing purposes on their personal social profiles and Henfreys social profiles too.

Again for our legitimate interests, we may share your personal data in connection with, or during negotiations of, any merger, sale of assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.


Some or all of your personal data maybe stored or transferred outside of the European Economic Area (the EEA) for any reason, including for example, if our email server is located in a country outside the EEA or if any our service providers are based outside of the EEA.

Where your personal data is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data or to a third party where we have approved transfer mechanisms in place to protect your personal data - i.e., by entering into the European Commission's Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified (for transfers to US-based third parties).


We may contact you to notify you about you regarding your account, to resolve a dispute, to troubleshoot problems with your account, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about Glam AF/Alice Flewitt, or as otherwise necessary to contact you to enforce Our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you by email, telephone, text message, WhatsApp, and postal mail.


We shall process your personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage. In particular, access is restricted to employees who need to know your personal data, and we use appropriate password protection and appropriate strong encryption electronic measures within our electronic data management systems.

However, unfortunately, because of the nature of electronic storage, we cannot promise that your personal data or any other data you provide to us will always remain secure. If there is a security breach, we will do all that we can as soon as we can to stop the breach and minimise the loss of any data.


You may consent to receive marketing email messages from us about the services we offer and our platform. You can choose to no longer receive marketing emails from us by contacting us or clicking unsubscribe from a marketing email. Please note that it may take us a few days to update our records to reflect your request.

If you ask us to remove you from our marketing list, we shall keep record of your name and email address to ensure that we do not send you marketing information.

We currently use photo and video content captured in the salon for marketing purposes across our social media profiles and websites. The stylists may also use the photo or video content for marketing purposes on their personal social profiles too. If you do not wish to have your photo or video taken, please notify us in the salon. If you want any content of you removed from our platforms after your appointment, please contact us on contact@theglamaf.comand we will remove it in a timely fashion.


You have a number of rights under applicable data protection legislation. Some of these rights are complex, and not all of the details have been included below. Further information can be found here

  •  Right of access: You have the right to obtain from us a copy of the personal data that we hold for you.

  • Right to rectification: You can require us to correct errors in the personal data that we process for you if it is inaccurate, incomplete or out of date.

  •  Right of portability: You can request that we transfer your personal data to another service provider.

  • Right to restriction of processing: In certain circumstance, you have the right to require that we restrict the processing of your personal information.

  • Right to be forgotten: You also have the right at any time to require that we delete the personal data that we hold for you, where it is no longer necessary for us to hold it. However, whilst we respect your right to be forgotten, we may still retain your personal data in accordance with applicable laws.

  • Right to stop marketing information: You can ask us to stop sending you information about our services, but please note we shall continue to contact you in relation to any matters relating to your appointment, if you have one.

  • Right for removal of photo or video content from our social media platforms or website: If you do not wish a piece of content that you are featured in to be on our social media platforms or website, please contact us directly for it to be taken down.

We receive the right to charge an administrative fee if your request in relation to your rights is manifestly unfounded or excessive.

If you have any complaints in relation to this Privacy Policy or otherwise in relation to our processing of your personal data, please tell us. We shall review and investigate your complaint and try to get back to you within a reasonable time. You can also contact the information Commissioner, see or if you are based outside of the United Kingdom, please contact your regulatory authority.




Subject to the provisions of this Privacy Policy, we will retain personal data in accordance with applicable laws.

In particular, we shall retain your personal data for as long as you access or use our services. However, we may also be required to retain personal data for a particular period of time to comply with legal, auditory or statutory requirements, including requirements of HMRC in respect of financial documents.


Our platform may contain links to third party websites. We are not responsible for the content of those website, and id if you provide any information to that website, then this Privacy Policy does not apply. You should check the third party website to find the applicable privacy policy.

If any provision of this Privacy Policy is held by a court of competent jurisdiction to be invalid or unenforceable, then such provision shall be construed, as nearly as possible, to reflect the intentions of the parties and all other provisions shall remain in full force and effect.

This Privacy Policy shall be governed by and construed in accordance with English law and you agree to submit to the exclusive juristriction of the English Courts.

Last updated: November 2019


If your have any questions about this Privacy Policy, please contact us:

bottom of page