Your hair or beauty business may receive a letter from the (ICO) Information Commissioner’s Office within the next week or two. Make sure you look out for it. 

Don’t ignore this letter. You may need to check your salon or barbershop post to make sure you don’t miss it while your premises are closed. 

The letter is about GDPR and is a reminder to businesses that they may have to register with the ICO and pay a data protection fee. 

You must respond to this letter by 15 March 2021, or the ICO will chase you up.

This blog post covers:

Most hair and beauty businesses will NOT have to pay the data protection fee 

The vast majority of hair and beauty businesses, including self-employed chair, space and room renters, will not have to register with the ICO. 

But you must still go to the ICO website to confirm that you do not have to register or pay the fee. 

Important: even if you do not need to register and pay, you must still fully comply with GDPR. NHBF Members can download our free guide and templates toolkit.

Not yet a Member? Join now for less than 80p a day.

   

Operating CCTV? You WILL have to register   

Please note: if you are responsible for operating CCTV inside or outside your business premises you will have to register with the ICO and pay the data protection fee.

 

Find out more about what to do on the ICO website 

Phone

Check if you need to register 

You must register and pay the fee if you operate CCTV inside or outside your premises. 

In addition, you may have to register if, for example: 

  • You are running your business as a franchisee.
  • You are based in a hotel or spa.
  • You carry out credit checks on clients. 

Training provider organisations must always register and pay the data protection fee. 

You can use the ICO’s self-assessment checker to help you decide if you need to register or not. 

Important note: question 7 in the self-assessment has confused some people. Most hair and beauty businesses should answer ‘no’ to all the options as the activities described are not the main purpose of a hair or beauty business.

If you are in any doubt, contact the ICO for help. 

Getting salon found

Penalties for non-payment  

If your business does have to pay the data protection fee and you fail to do so, you may be fined up to £4,000.

Checklist

  • Don't ignore your letter from the ICO.
  • You must respond - even if you don't have to pay the data protection fee.
  • Most salons and barbershops will not have to pay.
  • You will have to pay if you operate CCTV, and in some other circumstances.
  • If you are in any doubt, check with the ICO.

You may also be interested in...

Data protection laws got tougher when GDPR came into force in 2018. Your hair/beauty salon or barbershop must understand and comply with additional data protection laws as set out in GDPR. NHBF Members can download our free in-depth guide and templates. Find out more.