of

House of Iris respects your privacy and is committed to protecting your personal data. This Privacy Notice explains how we collect, use, and store your information when you visit our studio, use our website, purchase products, or interact with us.

This notice is provided in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

​

1. Who We Are

House of Iris is a tattoo and piercing studio based in London, United Kingdom. House of Iris is the data controller responsible for your personal information.

If you have any questions about this notice or how your data is handled, please contact us at:

House of Iris
6 Chingford Road, Walthamstow, London E17 4PJ UK
Thehouseofiris@gmail.com

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data has been handled improperly.

​

2. Information We Collect

We may collect and process the following types of personal information depending on how you interact with us.

Client procedure records

When you receive a tattoo or piercing service we may collect:

• Full name

• Pronouns

• Identification (for age verification and parental/guardian verification)

• Date of birth (for age verification)

• Contact details (phone number and/or email address)

• Address (where required)

• Medical information relevant to the procedure (such as allergies, medical conditions, medications, pregnancy status, or other contraindications)

• Details of the service provided

• Your signature confirming informed consent

This information is necessary to ensure procedures are carried out safely and responsibly.

Website and online store information

When you place an order through our website we may collect:

• Name
• Billing address
• Delivery address
• Email address
• Phone number
• Order details
• Payment confirmation details

Payment card information is processed securely through third-party payment providers and is not stored by House of Iris.

Account or communication data

If you contact us via email, social media, or website forms we may collect:

• Your name
• Contact information
• The content of your enquiry or message

​

CCTV footage

Our studio uses CCTV systems for the purposes of security, crime prevention, and the safety of our staff and clients. CCTV footage may capture images of individuals visiting the premises.

​

Technical website data

When you visit our website, certain technical information may be collected automatically, including:

• IP address
• Browser type and version
• Device type
• Pages visited
• Time and date of visit
• Referring website

This information helps us operate and improve our website.

​

3. How We Use Your Information

We use personal data for the following purposes:

• Verifying age and identity before procedures
• Obtaining informed consent prior to tattoo or piercing services
• Ensuring the health and safety of clients
• Maintaining legally required and insurance-related records
• Processing and fulfilling online orders
• Delivering purchased products
• Managing customer enquiries and bookings
• Improving our services and website functionality
• Preventing theft, fraud, or misuse of our premises or website
• Maintaining the security of the studio through CCTV

​

4. Legal Basis for Processing

Under UK data protection law we rely on the following lawful bases:

Contractual necessity
To provide services or fulfil orders you request.

Legal obligation
To comply with legal, health, and insurance requirements.

Legitimate interests
To operate our business, improve our services, and maintain studio security.

Vital interests / health and safety
Certain medical information is processed to ensure safe procedures and protect client wellbeing.

​

5. Sharing Your Information

We do not sell your personal data.

Your information may be shared with trusted third parties where necessary for business operations, including:

• Payment processors
• Website hosting providers
• E-commerce platforms
• Delivery and courier services
• Professional advisers (such as accountants, insurers, or legal advisers)
• Law enforcement or regulatory authorities where legally required

All third parties are expected to respect the security of your data and process it lawfully.

​

6. Payment Processing

Payments made through our website or in the studio may be processed through secure third-party payment providers. These providers handle payment information directly and are responsible for protecting that data under their own privacy policies.

House of Iris does not store full card payment details.

​

7. How We Store and Protect Your Data

We take appropriate technical and organisational measures to protect your personal information.

These may include:

• Secure digital systems with password protection
• Restricted staff access to sensitive information
• Locked storage for physical records
• Secure payment processing systems
• Routine monitoring of our systems

Only authorised personnel are permitted to access personal data where necessary for their role.

​

8. Data Retention

We only retain personal data for as long as necessary for the purposes it was collected.

Typical retention periods include:

Client consent records

• Adults: retained for 6 years after the date of the procedure
• Minors: retained until the client reaches 21 years of age or 6 years, which ever is later.

This is to comply with legal and insurance requirements.

Online order records

Order and transaction records are typically retained for up to 6 years to comply with tax and accounting obligations.

Customer enquiries

General enquiries may be retained for up to 12 months unless further interaction occurs.

CCTV footage

CCTV recordings are normally retained for a limited period (typically 14–30 days) unless required for investigation or legal purposes.

When data is no longer required it is securely deleted or destroyed.

​

9. Cookies and Website Tracking

Our website may use cookies and similar technologies to improve functionality and understand how visitors use the site.

Cookies may help us:

• Remember your preferences
• Improve website performance
• Analyse traffic and usage patterns

You can control or disable cookies through your browser settings. Disabling cookies may affect how the website functions.

​

10. Marketing Communications

If you subscribe to marketing updates or newsletters, we may use your email address to send information about products, services, or studio updates.

You can unsubscribe at any time by:

• Clicking the unsubscribe link in emails
• Contacting us directly

We do not send marketing communications without appropriate consent.

​

11. Your Data Protection Rights

Under UK data protection law you have the right to:

• Request access to your personal data
• Request correction of inaccurate information
• Request deletion of data where appropriate
• Restrict certain processing activities
• Object to certain uses of your data
• Request transfer of your data to another organisation where applicable

Requests can be made by contacting us using the details provided above.

We will respond to requests in accordance with applicable data protection laws.

​

12. Changes to This Privacy Notice

We may update this Privacy Notice from time to time to reflect legal, operational, or regulatory changes. The most current version will always be available on our website.

​

13. Contact

If you have any questions about this Privacy Notice or how your data is handled, please contact:

House of Iris
6 Chingford Road, Walthamstow, London E17 4PJ UK
Thehouseofiris@gmail.com

​

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data protection rights have been infringed.