Privacy Policy

The Looking Glass Beauty
Last Updated: January 2026

1. Who we are

This Privacy Policy explains how The Looking Glass Beauty (“we”, “us”, “our”) collects, uses, stores and protects your personal data when you use our website, contact us, book appointments, purchase products, or access digital content.

Data Controller: The Looking Glass Beauty
Address: The Looking Glass, 4a Roushill, Shrewsbury, SY1 1PQ
Phone: 01743 669166
Email: info@tlg-beauty.co.uk

We are the “data controller” for the personal data we process, unless otherwise stated.

2. What information we collect

We may collect and process the following types of personal data:

2.1 Information you give us directly

  • Name
  • Email address
  • Phone number
  • Billing/shipping address (for product orders)
  • Order details (what you purchased, delivery info)
  • Messages you send us (via forms, email or social)
  • Booking details (appointment date/time/service/provider)
  • Any information you choose to share related to service suitability (e.g. allergies/sensitivities), if you provide it

2.2 Information collected automatically (website usage)

When you browse our website, we may automatically collect:

  • IP address
  • Device type and browser type
  • Pages visited and time spent on the website
  • Referral source (how you found our site)
  • Cookie data (see Cookies section)

2.3 Information from third parties

We may receive booking-related information through Fresha (our third-party booking provider) if you book via their system. Fresha will also process certain personal data under their own Privacy Policy.

We may also use third-party payment providers (e.g., card processors, digital wallet providers). We do not receive or store your full card details.

3. How we use your personal data

We use your data to:

  • Provide and manage bookings and services
  • Respond to enquiries and provide customer support
  • Process orders, payments, delivery and returns
  • Provide access to digital products/courses (where applicable)
  • Improve our website and customer experience
  • Prevent fraud and keep our services secure
  • Comply with legal obligations (e.g. accounting/tax records)
  • Send marketing communications only if you have opted in (you can opt out anytime)

4. Our lawful bases for processing (UK GDPR)

Under UK GDPR, we must have a lawful basis for processing your data. We rely on:

  • Contract: to fulfil bookings, orders, and provide services/products you request
  • Legal obligation: to keep records required by law (e.g. tax/accounting)
  • Legitimate interests: to operate our business, improve services, prevent fraud, maintain security, and communicate about your booking/order
  • Consent: for marketing emails/texts and for certain cookies (where required)

You can withdraw consent at any time (this won’t affect processing that happened before you withdrew it).

5. Booking system: Fresha

Treatment bookings are currently managed via Fresha, which may collect and process personal data to provide booking services. Fresha acts as a separate controller/processor depending on the data and context.

If you book using Fresha, please also review Fresha’s own privacy policy, as they may process your information independently.

6. Payments

Payments may be processed using third-party payment processors. We do not store your full payment card details.

Payment providers will process payment information under their own policies and security standards.

7. Marketing

We may send marketing emails or messages only if:

  • you have opted in; or
  • we otherwise have a lawful right to contact you under applicable rules (e.g. “soft opt-in” where permitted for existing customers, and you’re given a clear opt-out).

You can opt out anytime by:

8. Cookies

Cookies are small text files stored on your device when you visit a website.

We may use cookies to:

  • help the site function properly
  • understand website traffic and user behaviour
  • remember preferences (where applicable)

Some cookies are essential and can’t be disabled without impacting the site. For non-essential cookies, we will ask for consent where required.

You can manage cookies in your browser settings and delete them anytime.

9. Who we share data with

We may share personal data with trusted third parties only where necessary, including:

  • Booking provider: Fresha
  • Payment processors: to take payments securely
  • Delivery providers/couriers: to deliver physical products
  • Website/hosting providers: to run and secure our website
  • Professional advisers: accountants, legal advisers, insurers
  • Regulators or authorities: if required by law

We do not sell your personal data.

10. How long we keep your data

We keep your data only as long as needed for the purposes described in this policy, including legal and accounting requirements.

Typical retention periods:

  • Booking/order records: usually kept for up to 6–7 years for accounting/tax purposes
  • Enquiries: retained as long as needed to respond and keep appropriate records
  • Marketing: until you unsubscribe or withdraw consent (or we clean inactive lists)

We may keep data longer if required for legal claims or regulatory reasons.

11. How we protect your data

We use appropriate technical and organisational measures to protect data, including:

  • secure systems and access controls
  • limiting access to staff/practitioners who need the data
  • reputable third-party providers for booking and payments
  • procedures to manage suspected data breaches

No system is 100% secure, but we take security seriously and work to minimise risk.

12. Your rights (UK GDPR)

You have rights over your personal data, including:

  • Right of access: request a copy of your data
  • Right to rectification: correct inaccurate data
  • Right to erasure: request deletion (where applicable)
  • Right to restrict processing: limit how we use your data
  • Right to data portability: receive your data in a usable format
  • Right to object: object to processing based on legitimate interests or direct marketing
  • Right to withdraw consent: where processing is based on consent

To exercise your rights, email info@tlg-beauty.co.uk. We may ask for ID to confirm it’s you.

13. Complaints

If you have concerns about how we handle your data, please contact us first so we can put it right:

📧 info@tlg-beauty.co.uk

You also have the right to complain to the UK regulator:

Information Commissioner’s Office (ICO) (UK)

14. Links to other websites

Our website may contain links to other sites (including booking or social platforms). We are not responsible for the privacy practices of third-party websites. Please review their policies.

15. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website, and the “Last Updated” date will change accordingly.

Egestas purus viverra accumsan in nisl nisi scelerisque eu ultrices. Quam pellentesque nec nam aliquam sem et tortor consequat. Elementum integer enim neque volutpat ac. Donec enim diam vulputate ut pharetra. Facilisis volutpat est velit egestas dui id ornare arcu. Sed lectus vestibulum mattis ullamcorper velit sed ullamcorper.

Sed faucibus turpis in eu mi bibendum neque egestas congue. Lectus nulla at volutpat diam. Blandit turpis cursus in hac habitasse. Praesent elementum facilisis leo vel fringilla est ullamcorper eget nulla. Quam lacus suspendisse faucibus interdum. Duis at tellus at urna condimentum. Accumsan sit amet nulla facilisi morbi tempus.

Trending now

Fringilla Phasellus Faucus Scelerisque Eleifend Donec
Fringilla Phasellus Faucus Scelerisque Eleifend Donec
Aturna condimentum mattis pellentesque nibh tortor
Aturna condimentum mattis pellentesque nibh tortor
Eleifend donec pretium vulputate sapien sagittis
Eleifend donec pretium vulputate sapien sagittis
Libero faucibus nistincidunt elementum integer
Libero faucibus nistincidunt elementum integer