Mark Hill Hair Cosmetics Limited (company number 04316530) whose registered office is at Manor Farm, Main Street, Hotham, York  YO43 4UD and whose salon is at Hogg Lane, Kirk Ella, HU10 7NU together with any group companies (“we” “us” “our”) are committed to protecting and respecting your privacy. Should we ask you to provide certain information by which you can be identified when using this website or our salon, then you can be assured that it will only be used in accordance with this privacy policy.

For the purposes of data protection legislation, we are the data controller and we will process your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 and national and European laws which relate to the processing of personal data. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. If we would like to use your previously collected personal data for different purposes than those we notified you about at the time of collection, we will provide you with notice and, where required by law, seek your consent, before using your personal data for a new or unrelated purpose. We may process your personal data without your knowledge or consent where required by applicable law or regulation. This policy is effective from May 2018.


What we collect
We may collect and process data about you in the following circumstances:

  • when you complete forms on our website. This includes details such as your name and email address which are provided when you ask us to contact you about our goods or services, or where you subscribe to our mailing list;
  • whenever you provide information to us when; reporting a problem with our website, making a complaint, making an enquiry or contacting us for any other reason;
  • details of your visits to our website including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise, and the resources that you access (see section on Cookies below); and
  • whenever you disclose your information to us, or we collect information from you in any other way, through our website.

We may also collect data in the following ways:

IP Address We may collect information about your device, including where available your Internet Protocol address, for reasons of fraud protection. We may also collect information about your device’s operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.

Cookies Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy.
These cookies also allow us to measure and analyse how our customers use the site, to improve both its functionality and your shopping experience.

Cookie Subgroup Cookies Cookie Type
_at 1st Party
_cmp_a 1st Party
_fbp 1st Party
_ga 1st Party
_ga_Y89RZG5875 1st Party
_ga_YMFK3PB0XH 1st Party
_gat 1st Party
_gcl_au 1st Party
_gid 1st Party
_hjAbsoluteSessionInProgress 1st Party
_hjFirstSeen 1st Party
_hjIncludedInSessionSample_3682619 1st Party
_hjSession_3682619 1st Party
_hjSessionUser_3682619 1st Party
_landing_page 1st Party
_orig_referrer 1st Party
_s 1st Party
_secure_session_id 1st Party
_shg_session_id 1st Party
_shg_user_id 1st Party
_shopify_s 1st Party
_shopify_sa_p 1st Party
_shopify_sa_t 1st Party
_shopify_y 1st Party
_tt_enable_cookie 1st Party
_ttp 1st Party
_utid 1st Party
_y 1st Party
cart_currency 1st Party
cart_sig 1st Party
epb_previous_pathname 1st Party
keep_alive 1st Party
localization 1st Party
markHillNewsletterModal 1st Party
ps_analytics 1st Party
qab_previous_pathname 1st Party
secure_customer_sig 1st Party
shopify_pay_redirect 1st Party
swym-cu_ct 1st Party
swym-email 1st Party
swym-instrumentMap 1st Party
swym-o_s 1st Party
swym-pid 1st Party
swym-session-id 1st Party
swym-swymRegid 1st Party
AEC 3rd Party
CONSENT 3rd Party 3rd Party
SOCS 3rd Party


We use cookies to personalise content, ads and to analyse our traffic. We also share information about your use of our site with our advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services. Analytics and advertising partners include:





We may use your personal data for our legitimate interests in order to:

  • provide you with information, or services that you requested from us;
  • allow you to participate in interactive features of our website, when you choose to do so;
  • ensure that content from our website is presented in the most effective manner for you and for your device;
  • improve our website, products and services.
  • contact you for marketing purposes about new
  • products, special offers or other information where you have signed up for these (see below for further details); and
  • respond to any feedback you send us, if you’ve asked us to.


Our website may contain links to other websites of interest. However, once you have used these links to leave our website, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy policy. You should exercise caution and look at the privacy policy applicable to the website in question.


Any downloadable documents, files or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third party antivirus software or similar applications.
We accept no responsibility for third party downloads and downloads provided by external third party websites and advise users to verify their authenticity using third party antivirus software or similar applications.


We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.


We will collect details such as your name and contact information, payment details when you order goods or services from us either via our website or in our salon and medical information such as allergies, pregnancy or other health conditions when you request service from our salon. We will use this information to process your order and comply with our contractual obligations.

For salon clients under the age of 16, we will only collect and use their personal information with the consent of a parent, carer or guardian.

In order to perform our contract with you, we may also need to share personal data with third parties such as payment providers, salon software providers, third party marketing companies and postal service organisations to assist in the delivery of goods or services you have ordered.

We may also advertise your feedback on our website and marketing materials (subject to obtaining your prior consent where necessary).

We will retain your information as long as we require this to provide you with the goods or services ordered from us and for a period of six years afterwards where you have ordered goods or service from our website or one year afterwards from when you last visited our salon. Any medical information you provide in relation to our salon services will be retained for up to four years since your last visit and any financial details are retained for up to six years since your last visit. Where you have subscribed to receive marketing correspondence from us we will keep your personal data for the period of time described in the Marketing section below.


We will collect details such as name, contact information and payment information in order to contact you about goods or services ordered with you, to place further orders and to pay you for the goods and/or services supplied. We will keep the personal data for six years further to being provided with the goods/services.


For further information on how your personal data is used, including disclosure to third parties, how we maintain security of your information and your rights in relation to the information we hold about you, please see your contract of employment and our employee handbook.


Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide the data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example to provide you with our goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.


In addition to the uses described above, we may use your personal data for our legitimate interests in order to provide you with details about our products, services and/or news we supply/publish. You can subscribe through an online automated process where you have given your explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with this policy.

You have the right to opt-out of receiving this information at any time. You can unsubscribe through details in the footer of sent marketing messages or, for salon clients, you can let us know by emailing us at The type and content of marketing messages you will receive, and if it may contain third party content, is clearly outlined at the point of subscription.

Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.

Our EMS (email marketing service) provider is Mailchimp and you can read their privacy policy on their website:

Where you have subscribed to receive marketing correspondence from us we will keep personal data one year from when you provide us with your consent.


We may monitor and record communications with you (such as emails) for the purpose of  quality assurance, training, fraud prevention and compliance. We usually retain such information for a period of one year from the end of the month in which the communications were sent or received unless a longer period is required (for example where a communication contains medical information you have provided in relation to our salon services) in which case the information will be retained in accordance with this policy.


We do not undertake automated decision making with your personal data.


We will only use your personal data where the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • for performance of a contract we enter into with you;
  • where necessary for compliance with a legal or regulatory obligation we are subject to; and
  • for our legitimate interests (as described within this policy) and your interests and fundamental rights do not override these interests.

We will only use your sensitive personal data (such as medical/health related information) where we have your explicit consent.


In addition to the third parties mentioned above, we may disclose your information to third parties for our following legitimate interests as follows:

  • to staff members in order to facilitate the provision of goods or services to you;
  • to self-employed colleagues in our salon to facilitate the provision of goods or services to you;
  • IT software providers that host our website and store data on our behalf; and
  • professional advisers including consultants, lawyers, bankers and insurers who provide us with consultancy, banking, legal, insurance and accounting services.

We may disclose personal data to the police, regulatory bodies, legal advisors or similar third parties where we are under a legal duty to disclose or share personal data in order to comply with any legal obligation, or in order to enforce or apply our website terms and conditions and other agreements; or to protect our rights, property, or safety of our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

We will not sell or distribute personal data to other organisations without your approval.


Where permitted by applicable law, we may transfer your personal data to the United States and other jurisdictions outside the European Economic Area (‘EEA’) for the purposes set out in this privacy policy. The third parties which we share data with outside of the EEA (for example EMS provider and payment providers) have implemented the EU-US Privacy Shield to secure the transfer of your personal data.


Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted to our website; any transmission is at your own risk.

Information you provide to us is shared on our secure servers. We have implemented appropriate physical, technical and organisational measures designed to secure your information against accidental loss and unauthorised access, use, alteration or disclosure. In addition, we limit access to personal data to those employees, agents, contractors and other third parties that have a legitimate business need for such access.


Data protection legislation gives you the right to object to the processing of your personal data in certain circumstances or withdraw your consent to the processing of your personal data where this has been provided. You may also request details of personal information which we hold about you and for this to be provided in an intelligible form. In certain circumstances we reserve the right to charge a reasonable fee to comply with your request.

If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible. We will promptly correct any information found to be incorrect.

You can also ask us to:

  • remove your personal data from our database entirely;
  • send you copies of your personal data in a commonly used format and transfer your information to another entity; or
  • restrict the use of your personal data.

We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the personal data that we hold about you or make your requested changes. Data protection legislation may allow or require us to refuse to provide you with access to some or all the personal data that we hold about you or to comply with any requests made in accordance with your rights referred to above. If we cannot provide you with access to your personal data, or process any other request we receive, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

Please send any requests relating to the above to our Data Protection Lead at specifying your name and the action you would like us to undertake.


Where you have provided your consent to the collection, processing and transfer of your personal data, you have the legal right to withdraw your consent under certain circumstances. To withdraw your consent, if applicable, please contact us at .

In order to be able to offer you Klarna’s payment options, we will pass to Klarna certain aspects of your personal information, such as contact and order details, in order for Klarna to assess whether you qualify for their payment options and to tailor the payment options for you.

General information on Klarna you can find here. Your personal data is handled in accordance with applicable data protection law and in accordance with the information in Klarna’s privacy policy.


We have appointed a Data Protection Lead to oversee compliance with this privacy policy. If you have any questions, comments or requests regarding this policy or how we use your personal data please contact our Data Protection Lead at This is in addition to your right to contact the Information Commissioners Office if you are unsatisfied with our response to any issues you raise at