Data Retention Policy

This policy sets out what information Nino Milano Studio Hairdressing holds, how long we hold it for and when it will be deleted.

It also covers the procedure to follow regarding data requests.

  •  Information held by us
  • How long is personal data held for?
  • Where is personal data held?
  • How is personal data deleted?
  • Access to personal information, correction and deletion
  • INFORMATION HELD BY US
  • We hold personal information about:
  • Clients
  • Former clients and prospective clients
  • Employees
  • Job applicantsWe also hold information about financial transactions relating to these eg services or treatments provided, products bought, payroll information.
  • HOW LONG IS PERSONAL DATA HELD FOR?We aim not to hold personal data longer than necessary.
  • Unless requested by an individual, the following types of data will be held for the periods shown below, after which it will be securely deleted or destroyed:

TYPE OF INFORMATION

RETENTION PERIOD

Client general records

12 months

Client health records

4 years

Financial transactions, invoices and supplier details

6 years

Employee records, contracts of employment, changes to terms and conditions, annual leave, training records

While employment continues and up to 6 years after employment ends

Payroll and wage records including

6 years from the financial year-end in which

PAYE, income tax, national insurance, sick pay, redundancy payments

payments were made

Maternity records

3 years after the end of the tax year in which the maternity pay period ends

Job applications (unsuccessful)

4 months after notifying unsuccessful candidates

Emails

One year from the end of the month in which they were received or sent unless a longer period is relevant as above. Emails to and from ex-employees or contractors will be deleted within 2 weeks of them leaving unless these form part of the employment record – see above.

WHERE IS PERSONAL DATA HELD?

Personal data about clients, financial transactions and employees are held in a locked cabinet which can be accessed only by [The Director].

HOW IS PERSONAL DATA DELETED?

Personal data is permanently deleted in accordance with the retention periods listed above from:

–  Emails
– Paper records, which are securely shredded.

ACCESS TO PERSONAL INFORMATION, CORRECTION AND DELETION

See our privacy notice https://ninomilanostudio.co.uk/privacy-policy/ 

All requests for access to personal information will be handled by The Director. Responses to requests will be made within 30 days.

All information relating to the individual will be compiled into a report and collected from:

  •   Financial transactions
  •   Emails
  •   Paper records
  • Date completed 10 May 2018