Cookie Policy

At Salon 1150 (“Salon 1150,” “we,” “us,” or “our”), we are committed to protecting your privacy and ensuring compliance with all applicable regulations—including the EU General Data Protection Regulation (GDPR), the ePrivacy Directive (the “EU Cookie Law”), and relevant guidelines issued by authorities such as the UK Information Commissioner’s Office (ICO) and other international privacy bodies. This Cookie Policy explains how and why we use cookies and similar technologies on our website (www.salon1150.com), what rights you have regarding those technologies, and how you can manage your preferences.

---

1. What Are Cookies and Similar Technologies?

Cookies are small text files stored on your device (computer, tablet, or mobile) when you visit our website. They enable us to recognize your device, remember your preferences, and collect anonymous data about usage patterns. In addition to cookies, we may use comparable technologies such as:

• Web Page Beacons (also known as “pixels” or “tracking pixels”): Tiny graphic images embedded in web pages or emails that track site visits or email opens.
• Local Storage Objects (e.g., HTML5 Local Storage): Allow websites to store information on your device beyond a single browsing session.
• Fingerprinting Techniques: Collect small bits of information about your device settings to uniquely identify you without traditional cookies.

All of these technologies are referred to collectively as “cookies” throughout this policy.

---

2. Why We Use Cookies

We use cookies and similar technologies to:

1. Provide Essential Functionality
   • Enable you to navigate our site and use its features (e.g., secure login, appointment booking, shopping cart, and preferences).
2. Enhance Performance & Analytics
   • Analyze how visitors interact with our website (e.g., pages visited, time spent, popular content).
   • Generate aggregated, anonymized reports to help us improve site usability, speed, and content.
   • Comply with EU GDPR guidelines requiring transparency about analytics cookies (Article 6(1)(f) – legitimate interests) and ensuring anonymization where feasible.
3. Deliver Personalized Content & Marketing
   • Remember your preferences (e.g., preferred language, location, or service interests).
   • Show you relevant offers or promotions based on your browsing behavior (e.g., retargeting ads for nail services during seasonal campaigns).
   • Measure the effectiveness of our advertising (e.g., tracking conversion from a Facebook or Google Ads campaign).
4. Improve Security & Fraud Prevention
   • Protect our site from malicious activity (e.g., cross-site request forgery, session hijacking).
   • Verify user authenticity when you log in or request sensitive actions (e.g., updating payment methods).
5. Comply with Legal Obligations
   • Record your cookie consent in accordance with the EU Cookie Directive and ICO guidelines (e.g., storing consent status, time, and scope).
   • Retain records for audit and regulatory compliance as necessary under GDPR (e.g., Article 30 – records of processing activities).

---

3. Types of Cookies We Use

We categorize cookies into four broad types. Below is an illustrative (non-exhaustive) list; specific cookie names and lifespans may change over time. You can always find the most up-to-date cookie declaration table on our website.

3.1 Strictly Necessary Cookies

• Purpose:
  These cookies are essential for you to navigate our site and use its features (e.g., secure login, scheduling appointments, completing transactions). Without these cookies, certain services you request (like booking or checking out) cannot be provided.
• Example Cookies:
  • session_id (session) – Maintains your session state as you move through our booking process.
  • csrf_token (session) – Prevents cross-site request forgery attacks.
• Consent Requirement:
  Under GDPR, these cookies are considered “strictly necessary for the performance of a contract,” so we do not require explicit consent—though we inform you about their use.

3.2 Performance & Analytics Cookies

• Purpose:
  These cookies collect anonymous information about how visitors use our site. We use this data to improve site functionality, identify technical issues, and optimize user experience.
• Example Cookies:
  • _ga, _gid, _gat (Google Analytics – 2 years, 24 hours, 1 minute) – Track visits and behavior across pages.
  • _hjIncludedInSample (Hotjar – 1 year) – Determines if you are included in the data sampling for Hotjar’s heatmaps and session recordings.
• Legal Basis:
  Processing is based on our legitimate interests to understand and enhance site performance (GDPR Article 6(1)(f)). We aggregate or anonymize data where possible to reduce privacy risk.
• Consent Requirement:
  We obtain your opt-in consent before placing performance/analytics cookies (e.g., via our cookie banner or preference center).

3.3 Functionality Cookies

• Purpose:
  These cookies remember your site preferences and choices—such as language, location, or customized settings—to personalize your experience.
• Example Cookies:
  • language_pref (90 days) – Remembers your chosen site language or currency.
  • remember_me (30 days) – Keeps you logged in for convenience if you opt for “Remember Me.”
• Legal Basis:
  Processing is based on your consent or legitimate interest when customization enhances the user experience without compromising privacy.
• Consent Requirement:
  Prior consent is required; you can enable or disable these in your cookie settings at any time.

3.4 Targeting & Advertising Cookies

• Purpose:
  These cookies track your browsing activity across multiple websites to deliver targeted advertisements and measure advertising performance. They allow us or our partners (e.g., Google Ads, Facebook Ads) to build a profile of your interests and show you relevant offers (e.g., seasonal nail art promotions or hair package discounts).
• Example Cookies:
  • IDE (Google DoubleClick – 1 year) – Tracks users across different domains to display targeted ads on Google’s network.
  • _fbp (Facebook – 3 months) – Displays Facebook ads to users who visited our site.
  • yandexuid (Yandex.Metrica – 10 years) – Used for targeting on Yandex’s ad network.
• Legal Basis:
  Requires your explicit consent under GDPR (Article 6(1)(a)) and ePrivacy Directive. Under CCPA, users have the right to opt out of “selling” personal data; we include this in our Do Not Sell My Personal Information link.
• Consent Requirement:
  We only place targeting/advertising cookies after you provide affirmative consent (e.g., clicking “Accept” on our cookie banner or toggling on “Advertising Cookies” in the preference center).

---

4. Third-Party Cookies & Data Sharing

Our website may include widgets, plugins, or integrations from third parties (e.g., social media platforms, booking partners, analytics providers). These third parties may set their own cookies to:

• Track your behavior across multiple sites.
• Measure ad performance or retarget you with promotions.
• Provide social features (e.g., Instagram feed, “Like” buttons).

4.1 Examples of Third-Party Providers

• Google Analytics
• Facebook Pixel
• Hotjar
• YouTube / Vimeo (embedded videos)
• Booking Platforms (e.g., Mindbody, Fresha)
• Social Media Widgets (e.g., Instagram embed, Facebook Like buttons)

4.2 Our Role & Responsibilities

• We do not share personal data with third parties unless you expressly consent or it is necessary for service provision (e.g., sending your booking details to our appointment software).
• Third-party services have their own privacy and cookie policies. We encourage you to review their terms to understand how they collect and process your data.

---

5. Cookie Consent & Management

To comply with GDPR, the ePrivacy Directive, and other relevant guidelines, we provide transparent cookie notices and empower you to manage your preferences.

5.1 Cookie Banner & Preference Center

• Initial Banner: Upon first visiting our site, you will see a cookie banner summarizing cookie categories (Strictly Necessary, Performance & Analytics, Functionality, Targeting & Advertising) and providing “Accept All,” “Reject All,” or “Cookie Settings” options.
• Consent Storage:
  • If you click “Accept All,” we activate cookies in all categories (except Strictly Necessary, which are always active).
  • If you click “Reject All,” only Strictly Necessary cookies remain active; all other categories are blocked until you opt in.
  • If you click “Cookie Settings,” you can toggle each category on or off (except Strictly Necessary, which remain enabled). Your preferences are stored in a consent cookie (valid for 12 months) in conformance with EU guidelines.
• Consent Renewal: We periodically (at least once every 12 months) prompt you to review your cookie preferences to ensure ongoing compliance with GDPR.

5.2 How to Withdraw or Modify Consent

• Visit our Cookie Settings link located in the website footer or within our Privacy Policy.
• Toggle the given categories on or off; changes take effect immediately (except for cookies already placed—you may need to manually delete them via your browser).
• Alternatively, you can clear all cookies from your browser (see Section 6 for guidance).

5.3 Exceptions & Legitimate Interests

• Strictly Necessary Cookies do not require opt-in consent, as they are essential to provide contracted services (e.g., booking, secure checkout).
• For Performance & Analytics, we rely on legitimate interests. However, we anonymize IP addresses and provide an opt-out mechanism in our Cookie Settings.
• For Functional & Targeting Cookies, explicit opt-in consent is mandatory.

---

6. How to Manage and Delete Cookies

You have the right to manage cookies at any time. You can exercise control through:

1. Cookie Settings
   • Click the “Cookie Settings” link in the site footer or our Privacy Policy to adjust preferences.
2. Browser Controls
   Most web browsers allow you to:
   • View which cookies are stored.
   • Block or allow individual cookies.
   • Delete cookies manually.
     For instructions, consult:
   • Chrome: Settings → Privacy and security → Cookies and other site data
   • Firefox: Options → Privacy & Security → Cookies and Site Data
   • Safari: Preferences → Privacy → Manage Website Data
   • Edge: Settings → Site permissions → Cookies and site data
   • Opera: Settings → Advanced → Privacy & security → Site settings → Cookies and site data
3. Third-Party Opt-Out Tools
   • Google Analytics Opt-Out Browser Add-on: https://tools.google.com/dlpage/gaoptout
   • Network Advertising Initiative (NAI) Opt-Out: https://optout.networkadvertising.org
   • Digital Advertising Alliance (DAA) Consumer Choice Platform: https://optout.aboutads.info
   • EU’s Your Online Choices Platform: https://www.youronlinechoices.eu

Please note that blocking or deleting cookies may:

• Limit or disable certain site features (e.g., retaining items in your shopping cart, remembering your login).
• Affect your ability to complete transactions or interact with dynamic content (e.g., booking forms).

---

7. Children’s Digital Privacy

Consistent with the Children’s Online Privacy Protection Act (COPPA) and EU GDPR restrictions on processing data of minors:

• We do not knowingly place cookies for users under 16 without verifiable parental consent (where required).
• If you believe a minor has provided Personal Data that enabled cookies without appropriate consent, please contact us at [email protected]. We will promptly remove their information and disable any active non-essential cookies.

---

8. International Transfers & Data Protection

Salon 1150 is based in the United States (Austin, Texas), and some of our service providers are located outside the European Economic Area (EEA). When we transfer data outside the EEA:

• We ensure appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission or reliance on the EU-U.S. Data Privacy Framework, where applicable.
• We do not share your personal data with third parties without your consent, except as necessary for contract performance or legal obligations.

---

9. Updates to This Cookie Policy

We may revise this Cookie Policy at any time to reflect changes in regulations, industry standards, or our practices. When we make material changes:

• We will update the Effective Date at the top.
• We will notify you via a banner or pop-up on our website and, if appropriate, by email.
• Continued use of our website after changes indicates acceptance of the updated policy.

Please review this policy periodically to stay informed of how we protect your information.

---

10. Contact Us

If you have any questions about our use of cookies or wish to exercise your rights, please contact us