Layerd | Layerd Style - Expert Stylists at your place

Privacy Policy This Privacy Policy explains how Layerd Style Platform Ltd (“Layerd Style”, “we”, “us”) collects, uses, stores, shares, and protects your personal data when you use our website, mobile application, and related services (the “Platform”), in accordance with the UK GDPR and the Data Protection Act 2018. ⸻ 1. Data Controller Layerd Style Platform Ltd Email: privacy@layerd.style We are the data controller responsible for your personal data. ⸻ 2. Scope of This Policy This Privacy Policy applies to: • Clients booking services through the Platform • Partners (independent hairdressers) offering services • Visitors to our website • Communications with our support team It does not apply to services provided by Partners outside the Platform or to third-party websites linked from the Platform. ⸻ 3. Categories of Personal Data We Collect We may collect the following categories of personal data: A. Information You Provide • Identity data (name, profile photo) • Contact data (email address, phone number) • Account credentials • Booking details, preferences, and service history • Messages exchanged via the Platform • Reviews, ratings, and feedback • Support communications B. Payment & Transaction Data • Payment status, amounts, timestamps • Payout and bank information (Partners only) ⚠️ We do not store full card numbers or CVV details. C. Technical & Usage Data • IP address • Device type, browser, operating system • Log files and diagnostic data • Usage behaviour and interaction data D. Location Data • Service location addresses provided for bookings • Approximate location inferred from IP (for security and fraud prevention) ⸻ 4. How We Use Your Data (Purposes) We process personal data to: • Create and manage user accounts • Facilitate bookings, payments, and payouts • Enable communication between Clients and Partners • Provide customer support • Improve platform functionality and user experience • Detect, prevent, and investigate fraud or misuse • Ensure platform security and integrity • Comply with legal, tax, and regulatory obligations ⸻ 5. Legal Basis for Processing We rely on the following legal bases under UK GDPR: • Contractual necessity – to provide the Platform and services • Legitimate interests – platform operation, fraud prevention, improvement • Legal obligation – accounting, tax, regulatory compliance • Consent – where required (e.g. marketing communications) You may withdraw consent at any time. ⸻ 6. Payments & Third-Party Providers Payments and payouts are processed by third-party providers such as Stripe. These providers act as independent data controllers or processors under their own privacy policies. Layerd Style: • Does not store full payment card details • Only receives limited transaction metadata necessary to operate the Platform ⸻ 7. Data Sharing We may share personal data with: • Payment processors (e.g. Stripe) • Cloud hosting providers • Analytics and performance monitoring services • Customer support and communication tools • Fraud prevention and security services • Regulatory bodies or authorities where legally required We never sell your personal data. ⸻ 8. International Transfers Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, including: • Adequacy regulations • Standard contractual clauses • Equivalent data protection mechanisms ⸻ 9. Data Retention We retain personal data only for as long as necessary for: • Providing and maintaining the Platform • Legal, tax, and regulatory compliance • Dispute resolution and enforcement of agreements Retention periods vary depending on data type and legal requirements. ⸻ 10. Your Rights Under UK GDPR, you have the right to: • Access your personal data • Rectify inaccurate or incomplete data • Request erasure (“right to be forgotten”) • Restrict processing • Object to processing • Data portability • Withdraw consent at any time Requests can be made via privacy@layerd.style. ⸻ 11. Data Security We implement appropriate technical and organisational measures to protect personal data, including: • AES-256-GCM encryption for sensitive data • Secure access controls • Regular security reviews However, no system can be guaranteed to be completely secure. ⸻ 12. Children’s Data The Platform is not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors. ⸻ 13. Changes to This Policy We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated effective date. ⸻ 14. Contact 📧 privacy@layerd.style