Privacy Policy

Last updated: 12 February 2026

Who We Are

Comfort Zone Beauty & Wellness Pty Ltd (ABN 41 837 295 160), operating from 7/18 Oceanview Crescent, Byron Bay, NSW 2481, is the data controller responsible for your personal information collected through this website and in our salon.

Information We Gather

When you interact with our website or visit our salon, we may collect the following categories of personal data:

  • Identity details such as your name and date of birth.
  • Contact information including your email address, telephone number and postal address.
  • Health and skin information you share during consultations, necessary to deliver safe and effective treatments.
  • Booking and transaction records related to appointments and purchases.
  • Technical data such as your IP address, browser type and pages visited, gathered automatically through cookies and server logs.

How We Use Your Data

We process your personal information for the following purposes:

  • To schedule and manage your appointments.
  • To personalise treatments according to your skin profile and health history.
  • To communicate with you about bookings, promotions and salon updates where you have opted in.
  • To improve our website and service offerings through anonymised analytics.
  • To comply with legal and regulatory obligations applicable in New South Wales and Australia.

Legal Basis for Processing

We rely on the following grounds under the Australian Privacy Principles (APPs):

  • Your explicit consent, which you may withdraw at any time.
  • Performance of a contract, for example fulfilling a booked appointment.
  • Legitimate business interests, provided they do not override your privacy rights.

Sharing and Disclosure

We do not sell, rent or trade your personal information. We may share data with trusted service providers who assist us in operating the website, processing payments or delivering communications — always under strict confidentiality agreements. We may also disclose information if required by Australian law.

Data Retention

We retain personal data only as long as necessary to fulfil the purposes outlined above or to comply with legal obligations. Consultation and treatment records are kept for seven years in line with health services guidelines. You may request deletion of your data at any time, subject to our legal retention requirements.

Your Rights

Under the Privacy Act 1988, you have the right to:

  • Access the personal information we hold about you.
  • Request correction of inaccurate or outdated data.
  • Request deletion of your data where no legal obligation requires its retention.
  • Opt out of marketing communications at any time.

Security Measures

We implement industry-standard technical and organisational measures to protect your information from unauthorised access, alteration, disclosure or destruction. These include encrypted data transmission, secure server hosting and restricted access controls.

Contact

If you have questions or wish to exercise your rights, please contact us:

Email: [email protected]
Phone: 02 6685 4477
Post: 7/18 Oceanview Crescent, Byron Bay, NSW 2481