top of page



This privacy policy sets out how The Lab Enfield Ltd, collects, stores and uses personal data from you or about you when you use this website (, purchase products and services or where we otherwise obtain or collect information about you. 


The Lab is committed to ensuring that your privacy is protected and you can be assured that any personal data will only be used in accordance with this privacy statement.


The Lab may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.


Please read this privacy policy carefully as it will help you to understand the way that we use your data and our reasons for doing so.

Sections in

this Policy

Our details

Information we may collect from you

When you visit the salon

When you visit the website

Social media

Processing your payments online

Processing your payments in-salon

Security, legal and compliance purposes

Your rights and how to contact us 

Our details 

If you have any questions about how we collect, store and use personal data, or if you have any other privacy-related questions, please contact us by any of the following means:


Phone us: 02083646779

E-mail us:

Write to us: The Lab, 75 windmill Hill, EN2 7AF


When contacting us, please remember to quote your name and contact details.

Information we may collect from you

  • First name and last name

  • Date of birth

  • Email address

  • billing and delivery postal addresses

  • demographic information such as postcode, your communication and shopping preferences and interests

  • financial, credit and debit card information when you make a purchase

  • sensitive information - with your consent - about you (e.g. medical) which may affect your ability to provide you with the services you request

  • information about the products and services you purchase from us

  • Information about your visits to this website, geographical location, browser type, referral source, length of visit and pages viewed to manage and improve the website to improve our services to you, and to understand your preferences in terms of the way that you like to use our site and which of our products and services you are interested in.

  • information relating to any purchases you make of our goods and/or services. We will use this information to fulfill any order and to communicate with you when necessary. If you provide us with your debit or credit card details, we will record them so that you can save time and use them when you next order with us.

  • Information that you provide to us for the purpose of registering with us and allowing us to send you email notifications and/or promotional information.

  • Information that you provide to us for the purpose of signing up for our email newsletters or SMS alerts.

When you visit the salon 

As part of The Lab’s strict safety and hygiene standards, each client will have a record card which is updated upon every visit and a personal box and separate flip-flops - both labelled with the client’s first and last name. These items are stored on-site and do not leave the premises unless the client opts out of these services or chooses to take these items home with them. 

When you the visit the website

We use a third party server, WIX, to host our website, the privacy policy of which is available here:


We may use the data listed in the ‘Information we may collect from you’ section to help us improve your browsing experience by developing and improving the design and layout of the website. We may also use this data to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes. There are occasions where we need to use personal data to help us with our internal business purposes, such as analysing and managing our business, internal record keeping, audits, developing new products or services, enhancing our site, improving our services and products and identifying usage trends.  For these purposes, your personal data will be aggregated and looked at on a statistical basis. It is in our legitimate interests as a business to use your data in this way.  For example, we have a clear interest in ensuring that our site works properly and that our products and services are high quality and efficient. We will always ensure that your rights are protected.


Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.


We may use the information you have provided us, to contact you regarding your appointment, purchases or any other relevant matter linking yourself to The Lab. Methods of contact include, but is not limited to: email, phone, SMS and social media correspondence. If you would prefer for us not to contact you by any or all of these methods, please let us know.


We will never ask you to confirm any account or credit card details via email. If you receive an email claiming to be from asking you to do so, please ignore it and do not respond.



When you engage with us on social media such as Facebook or Instagram, we will use your personal data (such as your username) to respond to you and may share this interaction on our own social media account where you will be visible on our feed and or ‘stories’. We like to engage in such activity as it helps to elevate our branding and customer service, but if you would prefer for us not to do so, you can let us know and we will remove the content. 

Processing your payments online

Our website checkout process uses Stripe which is secured by HTTPS / TLS encryption and is safe for you to purchase. 


TLS (Transport Layer Security) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and secure. TLS is the industry standard and is used by millions of websites in the protection of their online transactions with their customers.


Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.

Processing your payments


In order to process your payment we use a third party payment processor, EVO Payments International GmbH. EVO Payments International GmbH collects, uses and processes your information, including payment information, in accordance with their privacy policies, which is available here:


We are PCI DSS compliant, which means that we adhere to the guidelines of keeping your card details secure. 

Security, legal and compliance purposes

From time to time we may use your personal data as part of our efforts to keep our site safe and secure, to detect or prevent fraud or other illegal activity or otherwise as we believe to be necessary or appropriate in each case in order to comply with laws or legal process (including laws or legal process in other countries). We may also use your personal data to protect our rights or property (or the rights or property of others) and to enforce our rights and pursue available remedies.


In some cases, we will need to use your personal data to fulfil a legal obligation (for example, if we receive a legitimate request from law enforcement agencies), and in other cases (such as the detection of fraud or ensuring the security of the site) we will rely on our legitimate interests as a business to use your data in this way. 

Your rights and how to contact us 

The law gives you a number of rights to restrict the collection or use of your personal information. You have the right:


  • to ask us not to use your personal data for direct marketing purposes;

  • to ask to see what personal data we hold about you and to find out about the way that we process the data (and in some circumstances, you can ask us to provide a copy to a third party);

  • to ask us to correct or update any personal data which is inaccurate;

  • to ask for personal data to be deleted in some (but not all) circumstances where there is no good reason for us to continue to process it;

  • to ask us to temporarily stop using your data if you don't believe that we have a right to use it, or to stop us from using your personal data where there is no good reason for us to continue to use it; and

  • not to be subject to decisions made solely on the basis of 'automated processing' (i.e. the right not to be subject to decisions made solely by algorithms or computers without input from a human) in certain circumstances. 


If you would like to exercise any of the rights listed above, or if you have any queries or concerns about the way that we use your personal data (or any questions about this privacy policy), you can contact us via our details listed above.


You also have the right to complain about our use of your personal data. You can contact the Information Commissioner's Office via their website: or by calling 0303 123 1113.

bottom of page