Privacy Policy

Last updated: April 2026

1. Who we are

ReturnLoop Nails is operated by Booking Butler Ltd, Company No. 16391467, registered in England and Wales. Our registered address is available on request. We are the data controller for personal data collected through this website and platform.

Contact us at: [email protected]

2. What data we collect

We collect the following categories of personal data:

  • Account data: name, email address, login method (collected when you sign up)
  • Business profile data: salon name, trade type, bio, contact details, address, services, areas covered
  • Client data (entered by nail techs): client first name and mobile phone number, used solely to send the review request SMS
  • Review data: reviewer name, star rating, and written comment submitted via the public review page
  • Usage data: pages visited, features used, timestamps — collected via server logs and analytics

3. How we use your data

  • To provide and operate the ReturnLoop Nails platform
  • To send review request SMS messages on behalf of nail technicians (client data only)
  • To display reviews on public business review pages
  • To send service-related communications (e.g. account notifications)
  • To improve the platform through aggregated, anonymised analytics

4. Legal basis for processing

We process personal data under the following legal bases (UK GDPR):

  • Contract performance — to deliver the service you have signed up for
  • Legitimate interests — to improve the platform and prevent fraud
  • Consent — for marketing communications (you may withdraw at any time)

5. SMS opt-out

Every review request SMS sent via ReturnLoop Nails includes an opt-out instruction ("Reply STOP to opt out"). If a client opts out, their number is flagged and no further SMS messages are sent to that number from our platform. Nail technicians are responsible for maintaining their own client consent records in accordance with PECR.

6. Data sharing

We do not sell personal data. We share data only with:

  • Twilio Inc. — to deliver SMS messages (subject to Twilio's privacy policy)
  • Cloud infrastructure providers — for hosting and database services
  • Law enforcement or regulatory bodies where required by law

7. Data retention

We retain account data for as long as your account is active. Client phone numbers used for SMS are retained for 12 months to prevent duplicate sends, then deleted. Reviews are retained indefinitely unless you request deletion. You may request deletion of your data at any time by emailing [email protected].

8. Your rights

Under UK GDPR you have the right to: access your data, correct inaccurate data, request erasure, restrict processing, data portability, and to object to processing. To exercise any right, contact [email protected]. You also have the right to lodge a complaint with the ICO at ico.org.uk.

9. Cookies

We use a session cookie to keep you logged in. We do not use third-party advertising cookies. Analytics data is collected in aggregate and does not identify individual users.

10. Changes to this policy

We may update this policy from time to time. We will notify registered users of material changes by email. Continued use of the platform after changes constitutes acceptance of the updated policy.