Faces GDPR Practice

How we handle personal data

All personal data is securely stored within our dedicated amazon servers based in the UK.

Passwords to users accounts are encrypted meaning company admin do not have access to these, only the users themselves. If a user needs help from the admin to look into an issue within their account, the user may be asked to share this information with a Faces representative.

All user personal information should be kept up to date incase Faces needs to get in touch with users for any urgent data issues.

Faces is transparent on how it uses user data and which is not shared with any third party that does not have affiliation with Faces in terms of marketing.

Faces does need to provide third party softwares or government laws at times with user personal Information, allowing third parties to help us run key software features smoothly.

For example, we use Twillo to allow you to send out SMS messages to clients. You can find out about Twillos policies here: https://www.twilio.com/legal/privacy.

We also use Google Analytics to help us understand how our customers use the site - you can read more about how Google uses your personal information here: https://www.google.com/intl/en/policies/privacy/.

You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

Stripe is another key software, information may be shared with allowing the functionality of Faces to run efficiently. You can find out about Stripe policies here: https://stripe.com/gb/privacy#how-we-use-personal-data

Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

All personal data is restricted to either internal business use and heavily restricted to what needs to be used.

Users can at any time request to have their Faces account masterly deleted, removing all data associated with them. This would be done by contacting the Data Controller Ben O’Brien at [email protected]

All client consent forms and client information associated with the users account can be deleted on request. Users have the ability to remove all data from Faces and download the required information directly to their own systems. Users can login to their Faces account and download client information and consent forms. Which can then be removed from Faces if required.

We also use personal information such as email addresses to send out email campaigns to our users. All email campaigns are powered by the email software provider MailChimp. You can find out more about MailChimp policies here: https://mailchimp.com/legal/

When we send out emails from time-to-time users are free to unsubscribe at any point. This can be done at the footer of the email and you won’t be contacted again for marketing purposes.

How you can export your data

Exporting data can be simply done by logging into the Faces website and downloading all your consent forms into PDF files. You can also download all personal client data in a CSV file from within the Faces website.

If you need help editing your data

If there is a problem with your data we’ll help you fix it, or if you need data deleted, contact the data controller and data will be completed within 30 days.


If our data is ever breached, then we will inform you personally and will make a formal announcement to all our users. We will then take necessary action to clear the situation.

Who is the Data Protection officer?

The data protection officer for Faces is Ben O’Brien. Ben can be contacted at [email protected] all emails will be responded to within 7 working days.

We use cookies to personalise your experience of the site and to analysis our traffic. By Clicking "OK" or by clicking into any content on this site, you agree to allow cookies to be placed. Okay