Privacy Policy

Last Updated: April 2026

At YLG Salon Chennai, your privacy is important to us. This Privacy Policy explains how LS ENTREPRISES ("we," "our," or "us"), the operator of YLG Salons in Chennai, collects, uses, shares, and protects your personal information when you interact with our website (ylgchennai.in), book appointments, or engage with us via WhatsApp, email, or in person.

By using our website or services, you consent to the practices described in this policy. If you disagree with any part of this policy, please refrain from using our website or services and contact us to discuss your concerns.

1. Who We Are

LS ENTREPRISES is the authorised Master Franchisee for YLG Salons in Chennai, Tamil Nadu, India. We operate the following salon locations:

• YLG Salon Adyar
• YLG Salon Anna Nagar
• YLG Salon Besant Nagar
• YLG Salon Porur

For the purposes of data protection, LS ENTREPRISES is the data controller responsible for personal data collected through this website and our salon operations. The YLG brand is owned by R&R Salons Pvt Ltd, which may also independently collect data under its own privacy terms for brand-level services.

2. Information We Collect

2.1 Information You Provide Directly

When you book an appointment, fill out a contact form, subscribe to our newsletter, or communicate with us, we may collect:

• Name — to personalise your appointment and communications
• Phone Number — to confirm bookings and send WhatsApp reminders
• Email Address — for booking confirmations, receipts, and marketing (with consent)
• Preferred Services — to personalise your experience and recommend relevant treatments
• Appointment History — to provide continuity of care across visits
• Health Information (if disclosed) — skin/hair conditions, allergies, or sensitivities shared for the purpose of safe service delivery

2.2 Information Collected Automatically

When you visit our website, we automatically collect certain technical data:

• IP Address — for security and analytics
• Browser & Device Type — to optimise your website experience
• Pages Visited & Session Duration — to understand how visitors use our site
• Referral Source — to understand where visitors come from (Google, Instagram, etc.)
• Cookies & Tracking Pixels — as described in Section 7 below
• UTM Parameters — to attribute marketing campaigns accurately

2.3 Information from Third Parties

We may receive information about you from third-party platforms such as Google Ads, Meta (Facebook/Instagram), and our CRM system (Zylu) when you interact with our advertisements or booking systems. This may include form completions, ad clicks, and conversion events.

3. How We Use Your Information

We use your personal information for the following purposes:

• Appointment Management: Booking, confirming, rescheduling, and sending reminders for appointments via phone, WhatsApp, or email
• Service Personalisation: Understanding your preferences to recommend appropriate services, products, and stylists
• Customer Support: Responding to queries, complaints, or feedback you submit through any channel
• Marketing Communications: Sending promotional offers, seasonal deals, and beauty tips via WhatsApp, email, or SMS — only with your consent and only to the extent permitted by law
• Analytics & Improvement: Analysing website traffic and user behaviour to improve our services and website performance
• Advertising: Running targeted advertisements on Google and Meta platforms using anonymised or hashed audience data
• Legal & Compliance: Meeting our legal obligations, resolving disputes, and enforcing our terms
• Safety: Verifying health disclosures to ensure treatments are administered safely

4. Legal Basis for Processing

We process your personal data on the following legal grounds:

• Contractual Necessity: To fulfil our obligations when you book an appointment or purchase a service
• Legitimate Interests: For analytics, fraud prevention, and improving our operations, where these interests are not overridden by your rights
• Consent: For marketing communications, cookies, and retargeting — which you may withdraw at any time
• Legal Obligation: To comply with applicable Indian laws, tax regulations, and regulatory requirements

5. How We Share Your Information

We do not sell your personal information to third parties. We may share your data only in the following circumstances:

• Service Providers: Trusted third-party tools and platforms that help us operate our business, including Zylu (CRM and booking system), HubSpot (CRM and lead management), Google (Analytics and Ads), Meta (Facebook and Instagram Ads), and email/messaging service providers. These processors are contractually obligated to protect your data.
• R&R Salons Pvt Ltd: The YLG brand owner may receive aggregated or anonymised operational data for brand-level reporting. We do not share individual customer data with them for marketing purposes without your explicit consent.
• Legal Requirements: When required by law, court order, or government authority in India
• Business Transfers: In the event of a merger, acquisition, or sale of business assets, your data may be transferred to the new entity, subject to the same privacy protections

6. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy, unless a longer retention period is required by law.

• Booking & Appointment Data: Retained for 3 years from your last visit, to allow continuity of service and resolve any disputes
• Marketing Communication Records: Retained until you opt out, after which we maintain a suppression record to honour your opt-out
• Website Analytics Data: Retained in aggregated or anonymised form for up to 26 months via Google Analytics (standard retention setting)
• Financial & Transaction Records: Retained for 7 years as required under Indian tax and accounting law
• Health & Sensitivity Data: Retained only for the duration of your active client relationship and deleted within 12 months of your last appointment

7. Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your experience and to support our marketing and analytics functions.

Types of Cookies We Use

• Strictly Necessary: Required for the website to function correctly (e.g., session management, form submissions). Cannot be disabled.
• Analytics Cookies: Set by Google Analytics and Google Tag Manager to measure how visitors use our site. Data is aggregated and anonymised.
• Marketing & Advertising Cookies: Set by Meta Pixel and Google Ads to track conversions from our advertising campaigns and to serve you relevant ads on social media and Google. This includes the use of Enhanced Conversions (hashed email/phone data).
• Functional Cookies: Used to remember your preferences, such as your preferred salon location or service category.

You can control cookie settings through your browser. However, disabling certain cookies may affect the functionality of the website. Our use of Enhanced Conversions technology involves sending hashed (not plain-text) data to Google for improved attribution — no raw personal data is transmitted to Google's servers.

8. WhatsApp & SMS Communications

We use WhatsApp Business API (via a registered WABA number) to send appointment reminders, booking confirmations, and promotional offers. By providing your phone number through any booking or inquiry form, you provide consent to receive these messages.

You can opt out of WhatsApp marketing messages at any time by replying "STOP" or "UNSUBSCRIBE" to any message we send. Transactional messages (e.g., booking confirmations, reminders for appointments you have scheduled) cannot be disabled as they are essential to service delivery.

Message frequency may vary based on your activity. Standard data rates may apply depending on your mobile carrier.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure. These include:

• HTTPS encryption on all pages of this website
• Access controls limiting who within our team can view customer data
• Use of trusted, security-audited third-party platforms for data storage and CRM
• Hashing of sensitive data (such as phone numbers and emails) before transmission to advertising platforms
• Regular review of data access permissions and third-party integrations

No method of data transmission or storage over the internet is completely secure. While we strive to protect your data, we cannot guarantee absolute security. In the event of a data breach that affects your rights or privacy, we will notify you as required by applicable law.

10. Your Rights

You have the following rights with respect to your personal data. To exercise any of these rights, please contact us using the details in Section 13.

• Right to Access: You may request a copy of the personal data we hold about you.
• Right to Rectification: You may request that we correct inaccurate or incomplete personal data.
• Right to Erasure: You may request that we delete your personal data where there is no legitimate reason for us to continue holding it. Note that certain data may need to be retained for legal or contractual obligations.
• Right to Object: You may object to our processing of your personal data for marketing purposes at any time.
• Right to Restrict Processing: You may request that we restrict the processing of your data in certain circumstances.
• Right to Data Portability: You may request a copy of your data in a commonly used, machine-readable format.
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.

We will respond to all requests within 30 days. If we are unable to fulfil your request, we will explain why. We will not charge a fee for reasonable requests.

11. Children's Privacy

Our website and services are not directed at children under the age of 13. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately and we will delete it from our records.

For clients between 13 and 18 years of age receiving salon services, we require the presence or explicit consent of a parent or guardian for certain treatments.

12. International Data Transfers

Some of our third-party service providers (e.g., Google, Meta/Facebook) are located outside India and may process your data on servers in other countries. When your data is transferred internationally, we ensure that appropriate safeguards are in place, including standard contractual clauses or reliance on the privacy frameworks of those providers.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make significant changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our website or services after changes constitutes acceptance of the updated policy.