Online marketing has become indispensable for hair salons. But anyone who runs a website, posts on Instagram, or sends a newsletter operates within a dense web of laws and regulations. A violation can quickly become expensive: cease-and-desist letters, fines, and reputational damage — often over small details that could have been easily avoided.
This guide explains the most important legal requirements for hair salon online marketing in Germany in 2026. Clear, practical, and with concrete recommendations for action.
The Legal Notice Requirement Under the Digital Services Act (DDG)
Since the Digital Services Act (Digitale-Dienste-Gesetz / DDG) took effect in May 2024, it has replaced the former Telemediengesetz (TMG). The legal notice requirement remains in effect and applies to all commercial online presences — and that covers far more than just your website.
Where Do You Need a Legal Notice (Impressum)?
- Your website (always required)
- Instagram profile (in the profile link or via a Linktree page with a legal notice link)
- Facebook page (in the info section)
- Google Business Profile (in the description or via website link)
- TikTok profile (when used commercially)
What Must Be Included in the Legal Notice?
For a hair salon operating as a sole proprietorship or GmbH, the following information is mandatory:
- Full name of the owner or managing director
- Legal form of the business (e.g., sole proprietorship, GmbH)
- Postal address (no P.O. boxes)
- Email address for quick electronic contact
- Phone number or alternative contact form
- Commercial register entry (if applicable) with court and registration number
- VAT identification number (if applicable)
- Chamber of Crafts membership and professional title “Friseur” (Hairdresser) with indication of the country where the professional qualification was obtained
Ad Labeling: When Does an Instagram Post Become Advertising?
The obligation to label advertising is one of the most common stumbling blocks in social media marketing. Since the UWG (Unfair Competition Act) amendment of 2022 and the updated media authority guidelines of 2024, the rules are clearer — but also stricter.
The Basic Rule
Every post that serves a commercial purpose must be recognizable as advertising. The principle of separating editorial and commercial content applies to social media as well.
When Must You Label Content as Advertising?
Always label when:
- You are promoting a product or service for which you received compensation (money, free products, discounts)
- You use affiliate links
- You publish a sponsored post
- A manufacturer provides you with products for free and you report on them
No labeling required when:
- You recommend products you purchased yourself, out of genuine conviction, without receiving compensation
- You promote your own services (your Instagram profile is obviously a business account)
How to Label Correctly
Correct labeling:
- “Werbung” (Advertising) or “Anzeige” (Ad) at the beginning of the post
- Clearly visible and immediately recognizable
- In German for a German-speaking audience
- For Instagram Stories: as a text overlay in the first frame
What This Means for Daily Salon Operations
If a product manufacturer provides your salon with hair color or care products for free and you feature them on Instagram, that’s advertising. Label the post with “Werbung” (Advertising) at the beginning of the text. If, on the other hand, you purchased a product yourself and recommend it out of genuine conviction, no labeling is required — but transparency never hurts.
Before-and-After Photos: The Legal Gray Zone
Before-and-after photos are the strongest content type for hair salons. They visually demonstrate your skills in a compelling way. But legal pitfalls lurk here.
The Medicinal Products Advertising Act (HWG)
The HWG (Heilmittelwerbegesetz) prohibits the use of before-and-after depictions when advertising certain treatments and products, particularly in the medical and cosmetic field. For purely professional hairdressing services like cuts and colorations, this prohibition generally does not apply.
But be careful with:
- Hair loss treatments: If you advertise products or treatments for hair loss that suggest a medical or therapeutic effect, before-and-after images may fall under the HWG.
- Scalp treatments: Similarly problematic when a healing effect is implied.
- Hair extensions and thickening: The legal situation is less clear here. When in doubt, keep the presentation factual and avoid exaggerated health claims.
Data Protection for Before-and-After Photos
Regardless of the HWG: You need the explicit, written consent of every client whose photo you publish. This consent must:
- Be given voluntarily (no pressure, no linking to discounts)
- Specify the concrete purpose of use (e.g., “Publication on Instagram and website”)
- Be revocable at any time
- Be documented in compliance with GDPR
Reviews and Testimonials: What’s Permitted?
Online reviews are crucial for acquiring new clients. But there are boundaries here as well.
What You May Do
- Actively ask clients for an honest review
- Share positive reviews on your website or social media (with source attribution)
- Respond to negative reviews factually and professionally
What You May Not Do
- Buy fake reviews or write them yourself — this violates competition law and can have criminal consequences
- Have negative reviews deleted simply because you don’t like them (only for demonstrably false statements of fact or insults)
- Exchange reviews for incentives without transparent disclosure (e.g., “10% discount for a Google review” — this must be disclosed)
GDPR Basics for Daily Salon Operations
The General Data Protection Regulation (GDPR / DSGVO) affects every salon that is active online. Here are the most important obligations at a glance.
Privacy Policy on the Website
Every website needs a privacy policy that explains:
- What personal data is collected
- For what purpose the data is processed
- On what legal basis the processing occurs
- How long the data is stored
- What rights the affected person has (access, deletion, objection)
- Who is responsible (name, address, contact)
Cookie Consent: The Banner Requirement
If your website sets tracking cookies (Google Analytics, Facebook Pixel, marketing tools), you need a cookie consent banner that:
- Obtains active consent from the user before setting cookies
- Offers a genuine choice (not just “Accept All”)
- Clearly distinguishes technically necessary cookies from optional ones
- Documents consent and allows withdrawal at any time
Contact Forms
Every contact form on your website must:
- Reference the privacy policy
- Only request data that is actually needed (data minimization)
- Ensure SSL-encrypted transmission (HTTPS)
- Not store entered data longer than necessary
Newsletter and Email Marketing
For sending newsletters, the strict double opt-in procedure applies:
- The client enters their email address
- They receive a confirmation email
- Only after clicking the confirmation link may you send them newsletters
- Every newsletter must contain a functioning unsubscribe link
No double opt-in, no newsletter. Violations are penalized with significant fines.
Online Appointment Booking
If you use an online booking system, ensure that:
- The privacy policy covers the booking process
- The booking system provider has signed a data processing agreement (DPA) with you
- Data is stored on servers within the EU (or an adequate level of data protection is guaranteed)
Checklist: Legally Compliant Online Marketing for Your Salon
Use this checklist to review your online presence for the most important legal requirements:
- Legal notice present and complete on website, Instagram, Facebook, and Google
- Privacy policy on the website current and complete
- Cookie consent banner correctly implemented
- Contact forms GDPR-compliant (SSL, privacy notice, data minimization)
- Newsletter only with double opt-in and unsubscribe link
- Before-and-after photos only with written client consent
- Ad labeling for sponsored or paid posts
- No fake or purchased reviews
- Data processing agreements with all external service providers (booking system, newsletter tool, analytics tools)
- Processing records created per Art. 30 GDPR
Common Mistakes and How to Avoid Them
Mistake 1: No Legal Notice on Social Media
Many salon owners forget that their Instagram profile also needs a legal notice. Solution: Link your website’s legal notice page in the bio link.
Mistake 2: Google Analytics Without Cookie Consent
Google Analytics sets tracking cookies that require active consent. Without a consent banner, its use is illegal.
Mistake 3: Client Photos Without Consent
Posting client photos on Instagram without written consent violates the GDPR and the right to one’s own image. Even verbal agreements are insufficient in the event of a dispute.
Mistake 4: Outdated Privacy Policy
A privacy policy from 2018 is very likely outdated. Review at least once a year whether all tools and services in use are correctly listed.
Conclusion: Compliance as a Competitive Advantage
Legally compliant online marketing isn’t a bureaucratic obstacle — it’s a quality indicator. Clients trust salons that present themselves professionally and transparently. A correct privacy policy, a complete legal notice, and proper ad labeling signal seriousness and competence.
Take half a day to review your online presence using the checklist above. Most items can be corrected without significant effort. For complex questions — particularly regarding the HWG or specific partnership agreements — the investment in a brief legal consultation is worthwhile.
Want to make sure your online marketing is on solid legal ground? We review your digital presence for the most important compliance requirements and ensure you can focus fully on your craft. Schedule a free initial consultation now.