We use cookies to improve your experience. By continuing, you agree to our cookie policy.

Privacy Policy

Last updated: 22 February 2026

1. Data Controller

Katie McCormick ("we", "us", "our"), trading as Katie McCormick Stylist, is the data controller responsible for your personal data. We are based in London, United Kingdom and can be contacted at [email protected].

This policy sets out how we collect, use, store, and share your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Personal Data We Collect

We may collect the following categories of personal data:

  • Identity data: your name.
  • Contact data: your email address.
  • Enquiry data: any information you provide in messages sent to us via email or Instagram.
  • Technical data: IP address, browser type, operating system, and pages visited. This data is collected automatically via server logs.
  • Cookie data: data stored through essential cookies as described in our Cookie Policy.

We do not collect any special category data (such as data about race, ethnicity, religion, health, or sexual orientation).

3. How We Collect Your Data

We collect personal data through:

  • Direct correspondence via email or Instagram.
  • Automated technologies: server logs and essential cookies when you browse the website.

4. Lawful Basis for Processing

Under Article 6 of the UK GDPR, we rely on the following lawful bases:

  • Legitimate interests (Article 6(1)(f)): to respond to your enquiries, manage our business, and improve our website. We have assessed that these interests do not override your fundamental rights and freedoms.
  • Consent (Article 6(1)(a)): where you consent to our use of cookies via the cookie banner.
  • Contract (Article 6(1)(b)): where processing is necessary to perform a contract with you or to take steps at your request prior to entering a contract.

5. How We Use Your Data

We use your personal data to:

  • Respond to styling enquiries and arrange consultations.
  • Provide the styling services you have engaged us for.
  • Maintain records of client engagements for our legitimate business interests.
  • Operate and improve our website.

We do not use your data for automated decision-making or profiling. We do not send marketing communications unless you explicitly opt in.

6. Data Sharing

We do not sell, rent, or trade your personal data. We may share data with:

  • Web hosting providers who process data on our behalf under appropriate data processing agreements.
  • Professional advisers (such as accountants or lawyers) where necessary and subject to professional duties of confidentiality.
  • Law enforcement or regulatory bodies where we are legally required to do so.

We do not transfer personal data outside the United Kingdom unless appropriate safeguards are in place as required by UK GDPR.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Enquiries: retained for up to 12 months after the last communication, unless an ongoing client relationship exists.
  • Client records: retained for 6 years after the end of the engagement, in line with HMRC record-keeping requirements.
  • Server logs: retained for up to 90 days.

After the retention period expires, data is securely deleted.

8. Your Rights

Under the UK GDPR and Data Protection Act 2018, you have the following rights:

  • Right of access (Article 15): to obtain a copy of the personal data we hold about you.
  • Right to rectification (Article 16): to have inaccurate data corrected.
  • Right to erasure (Article 17): to request deletion of your data in certain circumstances.
  • Right to restrict processing (Article 18): to limit how we use your data.
  • Right to data portability (Article 20): to receive your data in a structured, commonly used format.
  • Right to object (Article 21): to object to processing based on legitimate interests.
  • Right to withdraw consent: where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, contact us at [email protected]. We will respond within one month of receiving your request.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encrypted connections (HTTPS), secure server configurations, and access controls.

10. Third-Party Links

This website may contain links to third-party websites, including Instagram. We are not responsible for the privacy practices of those sites and encourage you to read their privacy policies.

11. Complaints

If you are dissatisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

  • Website: ico.org.uk
  • Telephone: 0303 123 1113
  • Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

12. Changes to This Policy

We may update this policy from time to time. Any changes will be posted on this page with an updated "last updated" date. We encourage you to review this page periodically.