Privacy Policy
Our website address is: https://salongrid.com.
Last Updated: May 09, 2026 · Effective: May 09, 2026
SalonGrid is a software platform provided by Coneura Technologies Limited (“SalonGrid,” “we,” “us,” or “our”) that enables salon owners and beauty professionals to manage bookings, clients, payments, and business operations.
This Privacy Policy explains how we collect, use, store, and share personal information when you use SalonGrid’s platform and related services (the “Services”), and what rights you have regarding that information. It applies to salon owners, staff, and the end-clients whose data is processed through our platform.
By accessing or using the Services, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Services.
1. Scope
This Privacy Policy applies to all individuals who interact with SalonGrid, including:
- Salon Owners / Operators — businesses and individuals who subscribe to SalonGrid to manage their salon.
- Salon Staff — employees or contractors added to a SalonGrid account by a salon owner.
- Salon Clients — end-customers whose personal data is processed by SalonGrid on behalf of a salon (e.g., appointment records, contact details).
- Website Visitors — individuals who browse our marketing website at salongrid.com.
Data Controller vs. Processor: For data relating to salon owners and staff, SalonGrid acts as a data controller. For personal data about salon clients uploaded or generated through a salon’s account, SalonGrid acts as a data processor on behalf of the salon (the data controller). Salons are responsible for ensuring they have a lawful basis to share their clients’ data with us.
2. What We Collect
Salon Owner & Staff Data
| Category | Examples | Purpose |
|---|---|---|
| Identity & Contact | Full name, email address, phone number, profile photo | Account creation, authentication, communications |
| Business Information | Salon name, address, trading name, business type, VAT/tax number | Service delivery, invoicing, compliance |
| Account Credentials | Email address, one-time passcode (OTP) delivered via email | Secure passwordless authentication |
| Billing & Subscription | Subscription tier, billing address, invoice history — card data held by Stripe / Paystack | Subscription management and payment processing |
| Usage & Activity | Log-ins, feature usage, session data, device/browser info, IP address | Security, product improvement, support |
| Communications | Support tickets, emails, chat messages with SalonGrid | Customer support, service improvement |
Salon Client Data (processed on behalf of salons)
| Category | Examples | Source |
|---|---|---|
| Identity & Contact | Name, email, phone number | Entered by salon or client at booking |
| Appointment Data | Booking history, services received, preferences, notes, no-shows | Generated via the platform |
| Payment Records | Transaction amounts, dates, payment method type — card data held by Stripe / Paystack | Payment processors on behalf of salon |
| Communications | Appointment reminders, confirmations sent via SMS or email | Generated via the platform |
Automatically Collected Data
When you visit our website or use our platform, we automatically collect certain technical data including IP address, browser type and version, device identifiers, pages viewed, time spent, referring URLs, and crash/error reports.
3. How We Collect Data
- Directly from you — when you register, fill in forms, contact support, or use any feature of the platform.
- From salon owners (on behalf of clients) — when a salon inputs or imports their client records into SalonGrid.
- Automatically — via cookies, log files, and analytics tools when you interact with our website or app.
- From payment processors — Stripe and Paystack return transaction metadata (amounts, dates, statuses) after processing payments. We do not store full card numbers or CVVs.
- From third-party integrations — if you connect third-party tools (e.g., Google Calendar), we receive data necessary to enable that integration.
4. How We Use Your Data
We use personal data to:
- Provide, maintain, and improve the SalonGrid platform and Services.
- Create and manage user accounts and salon profiles.
- Process subscription payments and manage billing (via Stripe and Paystack).
- Send transactional communications — appointment confirmations, reminders, receipts, and system alerts.
- Provide customer support and respond to enquiries.
- Detect and prevent fraud, abuse, or security incidents.
- Comply with applicable legal obligations (tax, financial reporting, data protection law).
- Conduct internal analytics and product research to improve the platform.
- Send marketing communications about SalonGrid features and offers — where we have a lawful basis to do so, with opt-out options provided.
We do not sell your personal data to third parties for their own marketing purposes.
5. Legal Bases for Processing
UK & EU GDPR
- Contract performance — processing necessary to deliver the Services you have subscribed to.
- Legitimate interests — fraud prevention, security, service improvement, and direct marketing of our own Services (subject to your right to object).
- Legal obligation — processing required to comply with applicable law.
- Consent — where we rely on your explicit consent (e.g., optional marketing emails), you may withdraw consent at any time without affecting prior processing.
Nigeria NDPR / NDPA
We process personal data of Nigerian data subjects in accordance with the Nigeria Data Protection Regulation (NDPR) 2019 and the Nigeria Data Protection Act (NDPA) 2023. We rely on consent, contract performance, and legitimate interests as applicable lawful bases. Nigerian data subjects may direct complaints to the Nigeria Data Protection Commission (NDPC).
United States
We comply with applicable US state privacy laws including the California Consumer Privacy Act (CCPA) as amended by the CPRA, and similar laws in other states. We do not sell personal information. California residents may exercise specific rights as detailed in Section 11 below.
6. Sharing Your Data
We share personal data only in limited circumstances:
Service Providers — We share data with third-party vendors who help us deliver the Services, including cloud hosting, email delivery, SMS messaging, analytics, and customer support tools. All service providers are contractually required to process data only on our instructions.
Payment Processors — Payment data is handled directly by Stripe (international) and Paystack (Africa). We share only the minimum data necessary to initiate and verify transactions. We do not store full card details on our systems.
Between Salons and Their Clients — Salon owners access and manage their own clients’ data through the platform. SalonGrid facilitates this as a data processor acting on the salon’s instructions.
Legal & Regulatory Disclosure — We may disclose data where required by law, court order, or regulatory authority.
Business Transfers — If SalonGrid is involved in a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction. We will provide notice before personal data becomes subject to a different privacy policy.
With Your Consent — We may share data with other parties where you have given explicit consent.
We do not sell personal data. We do not share personal data with third parties for their own independent marketing or advertising purposes.
7. Payments & Financial Data
SalonGrid does not directly handle or store payment card information. All card transactions are processed by our certified payment partners:
- Stripe — for credit/debit card processing in the UK, EU, and internationally. Stripe is PCI-DSS Level 1 certified. See Stripe’s Privacy Policy.
- Paystack — for card and bank transfer processing across Africa. Paystack is PCI-DSS compliant. See Paystack’s Privacy Policy.
SalonGrid receives and stores transaction metadata (amounts, dates, statuses, last 4 digits of card) returned by these processors solely for displaying payment history, managing subscriptions, and providing receipts.
8. Cookies & Tracking
We use cookies and similar technologies on our website and platform for the following purposes:
- Essential cookies — necessary for the platform to function (authentication sessions, security tokens). Cannot be disabled.
- Analytics cookies — help us understand how users interact with our platform.
- Preference cookies — remember your settings and preferences.
- Marketing cookies — used to measure advertising effectiveness. Only set with your consent.
You can manage your cookie preferences via our cookie banner or your browser settings.
9. International Data Transfers
SalonGrid operates globally. Personal data may be transferred to and processed in countries outside your home country. Where we transfer personal data from the UK or EEA to third countries, we rely on appropriate safeguards including UK IDTAs, EU Standard Contractual Clauses (SCCs), and adequacy decisions where applicable.
For transfers of data relating to Nigerian data subjects abroad, we comply with the NDPA’s conditions for cross-border data transfers. To request a copy of the safeguards in place, contact us at contact@salongrid.com.
10. Data Retention
We retain personal data for as long as necessary to fulfil the purposes described in this Policy:
- Active account data — retained for the duration of your subscription.
- Post-cancellation — retained for up to 90 days to enable reactivation, then deleted or anonymised.
- Financial records — retained for 7 years (or as required by applicable tax and accounting law).
- Backup systems — data in backups may persist for up to 90 days after deletion from live systems.
- Legal claims — retained until any relevant dispute is resolved.
11. Your Rights
Depending on your country of residence, you may have the right to: access your personal data; correct inaccurate data; request erasure; restrict or object to processing; request data portability; withdraw consent; and avoid automated decision-making.
To exercise any of these rights, email us at contact@salongrid.com. We will verify your identity before responding. We aim to respond within 30 days (UK/EU GDPR) or 45 days (US CCPA).
You may also lodge a complaint with your local supervisory authority:
- UK: Information Commissioner’s Office (ICO) — ico.org.uk
- EU: Your local data protection authority — edpb.europa.eu
- Nigeria: Nigeria Data Protection Commission (NDPC) — ndpc.gov.ng
12. Children’s Privacy
SalonGrid is not directed at children under the age of 16, and we do not knowingly collect personal data from anyone under 16. If you believe a child’s data has been submitted without parental consent, contact us at contact@salongrid.com.
13. Security
We implement appropriate technical and organisational measures to protect personal data, including encryption in transit (TLS) and at rest, access controls, regular security assessments, and incident response procedures. No method of internet transmission is completely secure; in the event of a breach affecting your rights, we will notify you and relevant authorities as required by law.
14. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last Updated” date, notify active users by email or in-platform notification, and seek your consent where required by law. Your continued use of SalonGrid after such notice constitutes acceptance of the revised Policy.
15. Contact Us
If you have any questions or requests regarding this Privacy Policy, please contact us:
Coneura Technologies Limited (trading as SalonGrid)
Registered in England & Wales, United Kingdom
Email: contact@salongrid.com