Website Rules for Salons & Beauty Businesses
Before/after photos, online booking, Instagram embeds and newsletter signups. Salon websites touch more legal requirements than most owners realize.
Common issues for hair & beauty salons
Before/after photos need consent
Photos of clients require written consent under GDPR, especially if treatments could reveal health information.
Booking data is personal data
Appointment booking systems collect names, contact info, and sometimes treatment details. This is personal data under GDPR.
Instagram embeds track visitors
Embedded Instagram feeds load Meta tracking scripts. These need cookie consent before loading.
Portfolio images may be unlicensed
Stock photos mixed with your own work can trigger copyright claims if not properly licensed.
4
Key issues
4
Areas checked
9
Guides
Real-world enforcement
In 2023, the Spanish AEPD fined a beauty salon €5,000 for posting before/after photos of clients on Instagram without explicit written consent. Under GDPR Article 9, photos that reveal health information (such as skin treatments or dental work) require special category consent — a higher standard than regular GDPR consent.
Official resources
We run the same complete check on every website. The guides below highlight which issues come up most often for each type of business.
Guides for hair & beauty salons
Web Designer Copyright Liability: Who Pays in the EU?
If your web designer used unlicensed images, who pays the copyright claim under EU law? Operator liability, regress claims and a warranty clause template.
Cookie Banner Requirements Under EU Law (2026 Guide)
Cookie banner requirements in the EU 2026: reject equal to accept, no dark patterns, prior consent. EDPB Guidelines 05/2020 explained.
EAA for Irish small businesses: SI 636/2023 compliance
EAA small business guide for Ireland: S.I. 636/2023, micro-enterprise exemption, CRO disclosure, WCAG 2.1 AA and CCPC expectations.
GDPR compliance checklist for Irish businesses (2026)
GDPR compliance checklist for Irish businesses. DPC enforcement, DPA 2018, ePrivacy Regs 2011, CRO disclosure, cookie consent and processor agreements.
Accessibility Statement Template for Irish Businesses
What an accessibility statement must contain for an Irish business website under S.I. 636 of 2023, where to point complainants, and a template you can adapt.
Safe Free Stock Photos for Irish Business Websites
Free image sources that are actually safe for Irish business websites, what the licences allow, and how the Irish Copyright and Related Rights Act 2000 fits.
AI-Built Website Liability in Ireland
Your developer used Cursor or Lovable. If the site breaks GDPR or cookie law, the DPC enforces against you. What the AI Act and 9 Dec 2026 change.
AI-Generated Code and Open-Source Licences (Ireland)
Copilot or Cursor wrote GPL code into your site. The site operator distributes it, not the AI. What Doe v. GitHub decided and what to do about it.
AI-Generated Images on Irish Business Websites (2026)
Article 50(4) of the AI Act applies 2 Aug 2026. The four risk layers an Irish SMB should check before publishing AI-generated images on a website.
Check your hair & beauty salons website now
150+ checks across GDPR, copyright, accessibility, security and more. No account needed.
I understand this is a technical scan, not legal advice, and I accept the Terms.