GDPR identifies two core parties responsible for data protection: the data controller and the data processor. As a salon, you are the controller. You collect the data and choose how that data is collected and how to use that data for styles, colours, treatments, marketing, retail promotions, etc. In other words, you are making decisions on how your clients’ personal data should be collected and used. Phorest Salon Software is a processor, as it is a tool that can help you do this. Salons using our software are using it to process and collect the personal data.
This is why it is so important to have a GDPR compliant software solution!
– In the case of your staff’s data, for example, you are still the data controller, but your accountant or accounting software would be the data processor. This is also the reason why just using a GDPR compliant salon software doesn’t automatically make you 100% GDPR-compliant. You need to consider how you and all third-parties involved handle personal data. You will have to put in place policies and procedures for data handling, training and managing staff and checking with third party data processors.