← Back to home

Privacy Policy

Velvet Lounge Beauty Services (“Velvet Lounge”, “we”, “us”, or “our”) · Last updated: 21 March 2026

Important: This Privacy Policy describes how we collect, use, store, and protect personal information when you use our website (https://thevelvet.in), book appointments, visit our studio, or otherwise interact with us. It is provided for general information and does not constitute legal advice. You should obtain independent legal counsel to ensure compliance with all laws that apply to your situation.

1. Who we are

Velvet Lounge is the customer-facing brand operated by a Proprietorship concern registered in India under the legal name GANDURI UOOHA, with trade name VELVET LOUNGE BEAUTY SERVICES (aligned with Velvet Lounge Beauty Services). Our studio is located at Shop No 1 & 2, H.No 4-3-186/3&4, Midani Colony, Main Road, Hayathnagar, Hyderabad, Rangareddy, Telangana, 501505. Our GSTIN is 36BRVPG5314C1ZU (regular taxpayer; registration effective 20 March 2026, subject to official records).

For the purposes of applicable data protection laws (including, where relevant, the Digital Personal Data Protection Act, 2023 (“DPDP Act”) in India), we act as the primary decision-maker regarding the processing of personal data described in this policy, unless another entity is identified as a joint or independent controller in a separate notice.

2. Scope of this policy

This policy applies to:

  • Visitors to our website and social media channels we control;
  • Clients and prospective clients who enquire, book, or receive services;
  • Individuals who communicate with us by phone, email, messaging apps, or in person;
  • Recipients of marketing communications where you have opted in or where permitted by law.

It does not apply to third-party websites, payment processors’ standalone policies, or platforms (e.g. Google, Meta) except where we integrate their tools on our site—please review their policies separately.

3. Personal data we collect

Depending on how you interact with us, we may collect the following categories of information:

3.1 Identity and contact details

  • Name, title, and salutation;
  • Phone number, email address, and postal or billing address where provided;
  • Date of birth or age band where needed for service suitability or legal compliance;
  • Emergency contact details if you choose to provide them.

3.2 Booking, appointment, and transaction data

  • Appointment date, time, service type, stylist or therapist preferences;
  • Purchase history, deposits, invoices, refunds, and payment status (payment card data is typically processed only by our payment partners);
  • Pre-booking offers, discount codes, and loyalty or referral participation.

3.3 Health, skin, and service-related information

For certain treatments we may collect sensitive or special-category information that you voluntarily provide, such as allergies, skin conditions, pregnancy status, medications, or patch-test results. We collect this only where necessary to perform services safely and with your explicit consent where required by law.

3.4 Technical and usage data (website)

  • IP address, browser type and version, device identifiers, operating system;
  • Pages viewed, referring URLs, time and duration of visit, approximate location derived from IP;
  • Cookies and similar technologies (see Section 8).

3.5 Communications and feedback

  • Messages you send us, call recordings where legally recorded and disclosed;
  • Reviews, surveys, complaints, and social mentions directed at us.

3.6 Imagery

With your separate consent, we may capture before/after photographs or video for portfolio, training, or marketing. You may withdraw consent subject to any prior lawful publication.

4. How we collect personal data

  • Directly from you—online forms, booking tools, email, phone, in-salon consultation cards, or paper forms;
  • Automatically—when you use our website (cookies, analytics);
  • From others—where someone books on your behalf (we will ask them to confirm they are authorised), or from referrals with your knowledge;
  • From public sources—where permitted, such as publicly listed business directories.

5. Purposes and legal bases for processing

We use personal data for purposes including:

  • Providing services—scheduling, performing treatments, client safety, and follow-up care instructions;
  • Contract administration—quotes, confirmations, changes, cancellations, and billing;
  • Legal and regulatory compliance—tax, accounting, health-and-safety obligations, responding to lawful requests from authorities;
  • Legitimate interests—improving our services, staff training, fraud prevention, website security, and analytics (balanced against your rights);
  • Marketing—where you have opted in or where applicable law allows soft opt-in for similar services;
  • Consent—where required for sensitive data, direct marketing in certain channels, non-essential cookies, or optional photography.

Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing based on consent before its withdrawal.

6. Sharing and disclosure

We may share personal data with:

  • Service providers—hosting, IT support, booking or CRM software, email delivery, analytics, payment gateways, and accounting tools, under confidentiality and data-processing terms where appropriate;
  • Professional advisers—lawyers, auditors, or insurers when necessary;
  • Authorities—when required by law, court order, or to protect rights, safety, or property;
  • Business transfers—in connection with a merger, acquisition, or asset sale, with notice where required.

We do not sell your personal data in the conventional sense. If we use advertising or analytics partners that process data for their own purposes, we will describe this in our cookie notice and obtain consent where required.

7. International transfers

Your data is primarily processed in India. If we use tools hosted outside India (e.g. cloud or email), we will take steps consistent with applicable law—such as standard contractual clauses, adequacy decisions, or your explicit consent where required—to ensure appropriate safeguards.

8. Cookies and similar technologies

We use cookies and similar technologies to operate the site, remember preferences, measure traffic, and—if you consent—to support marketing and personalisation. You can control cookies through your browser settings and, where provided, our cookie banner. Essential cookies may remain active for core functionality.

9. Retention

We retain personal data only as long as necessary for the purposes above, including statutory limitation periods for tax, contract, and consumer claims. Health-related notes may be retained longer where professional or regulatory standards require. When retention ends, we delete or anonymise data securely.

10. Security

We implement appropriate technical and organisational measures—such as access controls, staff training, secure systems, and vendor diligence—to protect personal data against unauthorised access, loss, or alteration. No method of transmission over the Internet is completely secure; we encourage you to use strong passwords and protect your devices.

11. Your rights

Subject to applicable law, you may have the right to access, correct, update, or delete your personal data; restrict or object to certain processing; request portability where technically feasible; and lodge a complaint with a supervisory or regulatory authority. In India, rights under the DPDP Act (including access to information, correction, erasure, grievance redressal, and nomination) may apply once fully operational and subject to rules and exemptions.

To exercise rights, contact us using the details in Section 14. We may need to verify your identity before responding. We will respond within timelines required by law where applicable.

12. Children

Our services are not directed at children without parental involvement. We do not knowingly collect personal data from minors without appropriate parental consent. If you believe we have collected such information, please contact us and we will take steps to delete it.

13. Automated decision-making

We do not use solely automated decision-making that produces legal or similarly significant effects regarding you. If this changes, we will update this policy and provide any required information.

14. Changes to this policy

We may update this Privacy Policy to reflect legal, technical, or business changes. The “Last updated” date will be revised, and where appropriate we will notify you by email, notice on our website, or at your next visit.

15. Contact & grievance redressal

For privacy questions, requests, or complaints, contact Velvet Lounge:

  • Email: hello@thevelvet.in
  • Phone: +91 96662 57570
  • Address: Shop No 1 & 2, H.No 4-3-186/3&4, Midani Colony, Main Road, Hayathnagar, Hyderabad, Rangareddy, Telangana, 501505
  • Legal name: GANDURI UOOHA · Trade name: VELVET LOUNGE BEAUTY SERVICES
  • GSTIN: 36BRVPG5314C1ZU

We will acknowledge and address grievances in line with applicable timelines. You may also have the right to escalate to the Data Protection Board of India or other competent authority as the law may provide from time to time.

16. Related documents

Please also read our Terms of Service, which describe the rules for using our website and booking services.