Privacy Policy

MehndiMe (“we”, “our”, or “us”) is committed to protecting your privacy and ensuring that your personal data is handled responsibly, transparently, and in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This Privacy Policy explains how we collect, use, store, and protect your information when you use our website, mobile app, or related services.

By using MehndiMe, you agree to this Privacy Policy. If you do not agree, please stop using the platform.

MehndiMe is a UK-based online platform that connects clients seeking Mehndi (henna) services with independent Mehndi artists. For the purposes of the UK GDPR, MehndiMe is the data controller responsible for your personal data.

If you have any questions about this policy or how your data is handled, you can contact us at: team.mehndime@gmail.com

We collect personal and non-personal data when you interact with the platform. This may include:

a. Information You Provide Directly

• Name, email address, and phone number (for verification and communication).
• Profile details such as portfolio images, service descriptions, and pricing (for Artists).
• Booking details, including event dates, location, and preferences (for Clients).
• Payment details (processed securely by third-party providers — we do not store full card details).
• Messages exchanged through the platform.
• Transaction metadata, including payment status, payout schedules, security hold dates, and booking payment history.

b. Information Collected Automatically

• Device information, browser type, and operating system.
• IP address and approximate location.
• Usage data such as pages visited, features used, and time spent on the platform.

c. Information from Third Parties

• Identity verification partners (for email/phone checks).
• Payment processors for secure transactions.
• Analytics and marketing platforms that help us improve user experience.

We use your information to:

• Enable account creation, booking requests, and secure communication.
• Process and release payments between Clients and Artists.
• Verify identity and prevent fraud or unauthorised activity.
• Respond to enquiries, complaints, or disputes.
• Send important updates about your bookings, payments, or account.
• Improve, personalise, and secure the MehndiMe platform.
• Comply with legal obligations or requests from authorities.
• Make automated decisions regarding booking management, such as cancelling bookings with overdue payments or releasing held funds to Artists in accordance with our platform policies.
• Monitor communications on the platform using automated systems to detect policy violations, including off-platform solicitation, in order to maintain platform integrity and user safety.

We do not sell, rent, or trade your personal data.

We process your personal data under one or more of the following lawful bases:

• Contractual necessity — to perform the services you request.
• Legitimate interests — to operate and improve our platform securely.
• Legal obligation — to comply with UK laws and regulations.
• Consent — where you choose to receive marketing or promotional updates.

You may withdraw consent for marketing at any time by emailing us at team.mehndime@gmail.com.

Your data may be shared only where necessary to deliver our services, including:

• With other Users (e.g., Clients and Artists) for booking purposes.
• With trusted third-party service providers (e.g., payment processors, hosting partners).
• With law enforcement or regulatory bodies, if required by law or to protect users' safety.

All third parties are bound by strict confidentiality and data protection agreements.

We take appropriate technical and organisational measures to protect your data from unauthorised access, alteration, disclosure, or loss.

Payment data is processed and stored by our payment partner, Stripe, under their own privacy and security policies. MehndiMe does not store full card details on its own servers.

Data is stored securely using encryption and access controls.

If a data breach occurs that may impact your rights or freedoms, we will notify you and the relevant UK authorities (ICO) promptly, in line with legal requirements.

We retain your personal data only for as long as necessary to:

• Provide and support your use of MehndiMe.
• Meet our legal, tax, or accounting obligations.
• Resolve disputes and enforce our agreements.

When no longer required, your information will be securely deleted or anonymised.

You have the following rights over your personal data:

• Access — request a copy of your personal data.
• Rectification — correct inaccuracies in your information.
• Erasure — request deletion of your data where appropriate (“right to be forgotten”).
• Restriction — limit how your data is used.
• Portability — request transfer of your data to another service.
• Objection — object to processing for marketing or legitimate interest purposes.

To exercise any of these rights, email us at team.mehndime@gmail.com.

We aim to respond within 30 days.

If you're not satisfied with our response, you have the right to contact the Information Commissioner's Office (ICO) at www.ico.org.uk.

We use cookies and similar technologies to:

• Improve user experience and platform performance.
• Remember your login preferences.
• Analyse traffic and usage trends.

The types of cookies we use include:

• Essential cookies — required for the platform to function correctly (e.g., authentication, session management). These cannot be disabled.
• Analytics cookies — help us understand how users interact with the platform so we can improve it. These can be declined.

You can adjust your browser settings to decline cookies, but some features may not work properly as a result.

Where data is transferred outside the UK (e.g., through third-party tools or servers), we ensure appropriate safeguards are in place — such as standard contractual clauses or UK adequacy decisions — to protect your information.

Our platform may contain links to third-party websites.

MehndiMe is not responsible for the privacy practices or content of these external sites. We encourage you to read their privacy policies before sharing your data.

We may update this Privacy Policy periodically to reflect changes in our practices or legal obligations.

When significant changes are made, we will notify users via email or platform alerts.

The latest version will always be available on our website.

If you have any questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact us at: team.mehndime@gmail.com