
    BeautyKiln

    GDPR Quick Reference

    Key data protection obligations for self-employed beauty professionals.

    ICO Registration Fee

    £40/year for most sole traders (Tier 1). Pay online at ico.org.uk. Penalty for non-registration: up to £4,000.

    Lawful Basis

    For client records: Legitimate Interest or Contract. For marketing: Consent (opt-in only).

    Privacy Notice

    Must tell clients: what data you collect, why, how long you keep it, and their rights. Display in salon and on website.

    Data Retention

    Client records: keep for treatment duration + 7 years (limitation period). Marketing consent: review annually.

    Client Rights

    Access (see their data), Rectification (correct it), Erasure (delete it), Portability (copy in usable format).

    Subject Access Request

    Client asks for their data — you must respond within 1 month. Usually free.

    Data Breach

    If client data is stolen/lost: report to ICO within 72 hours if it's a risk to the individual.

    Third Parties

    If you use a booking system, CRM, or email tool — they're your 'data processor'. Check they're GDPR compliant.

    Key Numbers

    ICO Fee
    SAR Response
    Breach Report
