%20-%20%E7%B7%A8%E9%9B%86%E6%B8%88%E3%81%BF.png)
Privacy Policy
Last updated: 10 July 2025
The Head Spa Tokyo Inc. (“we”, “our”, “us”) operates the website https://headspatokyo.com (the “Site”). We respect your privacy and are committed to protecting your personal information. This Policy explains what data we collect, why we collect it, how we use it, and what rights you have under the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act and its amendments (CCPA / CPRA), and Japan’s Act on the Protection of Personal Information (APPI).
Information We Collect
Contact Data: name, email address, phone number. Collected through reservation and contact forms.
Booking Data: chosen course, salon location, appointment time. Collected through the online booking system.
Payment Data: amount, currency, masked card details. Processed via in-store POS and Stripe terminals.
Technical Data: IP address, device type, browser, language, time-zone. Collected by cookies and server logs.
Usage Data: pages viewed, links clicked, session length. Collected by Wix Analytics and Google Analytics 4.
Marketing Data: newsletter opt-in status and survey answers. Collected via sign-up checkboxes and email campaigns.
We do not intentionally collect sensitive personal data unless you voluntarily provide it.
How and Why We Use Your Data
We use personal data to confirm and manage reservations, send booking reminders and follow-up emails, process payments and issue receipts, improve site performance and security, and send promotional newsletters if you have given consent. The legal bases are contract performance, legitimate interest, or your explicit consent, as defined in GDPR Article 6.
Cookies and Similar Technologies
We do not sell or rent personal data. We share information only with service providers such as Wix (hosting), Stripe (payment), SelectType (booking), and SendGrid (email), with professional advisers, or with public authorities when required by law. All third parties are bound by confidentiality and data-processing agreements.
Sharing Your Information
We employ cookies to operate essential site functions, measure traffic and performance, and personalise marketing. When you first visit the Site, a cookie banner allows you to accept or reject non-essential cookies. You can change your preference at any time via Cookie Settings in the footer.
International Transfers
Your data may be stored on servers outside your country. We protect transfers with participation in the EU-US Data Privacy Framework, Standard Contractual Clauses, or equivalent safeguards.
Data Retention
Booking and billing records are kept for ten years to meet statutory accounting requirements. Marketing data is retained until you unsubscribe or for three years after your last interaction. Analytics data is kept for twenty-six months according to Google Analytics 4 defaults.
Your Rights
You may request access to, correction or deletion of your personal data, object to or restrict processing, receive a portable copy of your data, and withdraw consent for marketing at any time. Submit requests to info@headspatokyo.com. We respond within thirty days.
Children
The Site and our services are not directed to anyone under sixteen. If you believe a child has provided personal data, please contact us so we can delete it.
Security Measures
We protect your data with HTTPS TLS encryption, firewalls, role-based access control, and regular vulnerability scans.
Changes to This Policy
We may update this Policy periodically. We will post any changes here and revise the Effective Date above. Significant changes will also be announced by email when feasible.
Contact Us
The Head Spa Tokyo Inc.
3-18-7 Shibuya 3-chome, Shibuya-ku, Tokyo 150-0002, Japan
Email: info@headspatokyo.co.jp