Daufe

Privacy Policy

Effective Date: 26 August 2025
Last Updated: 26 August 2025

Duafe (“we,” “our,” “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and protect your information when you use our website and mobile application.

1. Who We Are

Duafe is a booking and protection platform for beauty services. We are the data controller of the personal data you provide.

If you have any questions about this Privacy Policy, please contact us:

  • Email: info@duafe.co
  • Address: 167-169 Great Portland Street 5th Floor London W1W 5PF

2. What Information We Collect

  • Identity & Contact Data: Name, phone number, email address, account details.
  • Booking Data: Service type, vendor, appointment details, and preferences.
  • Payment Data: Processed securely via third-party providers (e.g., Stripe).
  • Technical Data: Device information, IP address, browser type, app usage.
  • Communication Data: Messages, emails, and feedback you send to us.

3. How We Use Your Data (Lawful Basis)

  • To provide services (performance of contract): managing bookings, payments, confirmations.
  • To improve our platform (legitimate interest): monitoring usage, fixing bugs, improving features.
  • To communicate with you (consent/legitimate interest): sending updates, offers, marketing (if opted in).
  • To comply with the law (legal obligation): tax, fraud prevention, regulatory reporting.

4. How We Share Your Data

We never sell your personal data. We may share it only with:

  • Vendors: so they can provide the service you booked.
  • Service providers: Stripe (payments), Firebase (hosting), analytics tools.
  • Authorities: if required by law or to protect our rights.

All third parties are required to protect your data and use it only for the agreed purpose.

5. International Transfers

Some service providers may be outside the UK/EU. Where this happens, we ensure adequate protection (e.g., Standard Contractual Clauses).

6. How Long We Keep Your Data

  • Account data: while your account is active.
  • Booking & payment data: at least 6 years (legal requirement).
  • Marketing data: until you withdraw consent/unsubscribe.

7. Your GDPR Rights

  • Access your data (Subject Access Request).
  • Correct inaccurate data.
  • Delete your data (“Right to be forgotten”).
  • Restrict or object to processing.
  • Data portability (receive your data in a usable format).
  • Withdraw consent for marketing at any time.

To exercise your rights, contact us at support@duafe.co.

8. Cookies & Tracking

We use cookies and similar technologies for essential functionality and analytics. You can control cookies through your browser settings.

9. Data Security

We use technical and organisational measures (e.g., encryption, secure servers, limited access) to protect your information. However, no system is 100% secure.

10. Updates to this Policy

We may update this Privacy Policy from time to time. Any changes will be posted here with a new effective date.