At the Nutri Low Down Ltd (we/us/our) we respect and value the privacy of everyone who visits our website nutrilowdown.com a (“Our Sites”) and those who enquire and/or purchase our products and services. We will only collect and use personal data in ways that are described here, and in a manner that is consistent with Our obligations and your rights under the law. Nutri Low Down Ltd are the data controllers of this information for the purposes of this policy.
1. What Does This Policy Cover?
2. Personal Information We Collect And Why We Collect It
Supplying our products and services to you: Nutri Low Down nutrilowdown.com
Information you give us on our forms. This data includes your name and email address. This is a electronic based record. It will not be processed for any other purposes other than providing you with information regarding the products and services you have shown an interest in by joining and contacting you by email to receive your feedback. This data may be transferred to Campaign Monitor (see section 4) in order that we can stay in contact with you. This paper form is kept securely for one year and thereafter it will be destroyed safely.
Information you give us on our questionnaires. This data includes your name, address including postcode, email address, telephone number, emergency contact name and their phone number, name and address of your General Practitioner, your medical history and information relating to your lifestyle and diet. We may also collect from you, your body measurement data including weight and anonymised ‘before and after’ photos. This data is kept securely on our internal systems. The data, provided by you, on this questionnaire is necessary in order that we can supply our products and services to you and to ensure we can safely fulfil our contract with you. We also use this information to communicate with you and handle your enquiries regarding your contract with us.
Information you give us on our ‘Contact Us’ forms. Should you choose to contact us using the contact form on our Contact Us page, on either of Our Sites, your name and email address along with your request/enquiry will be stored by Our Sites which is hosted by DreamHost (see section 4). It will not be passed to nor processed by any other third party data processor other than those mentioned in section 4. The data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices. This information is used to make contact with you and answer your enquires and will not be used for any other purposes. This data will be kept until you ask us to delete it.
Marketing with your consent
If you consent to join our mailing list we may use your data to contact you via email with information, news, updates and offers on Our products and services. We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that We fully protect your rights and comply with Our obligations under the GDPR.
The email address that you submit will be stored within Our Sites’ own databases or in any of our internal computer systems.
Your name and email address will remain within Campaign Monitor’s database for as long as we continue to use Campaign Monitor’s services.
If you are under 18 years of age you MUST obtain parental consent before joining any of our mailing lists.
Other legitimate purposes
Providing and managing access to our Site
Expressed interests or made a purchase of our products/services
If you have enquired or bought a product or service from us in the past we will use your name and email address provided at that time to add you our mailing database in Mail Chimp to reconnect with you and inform you of similar products, offers, discounts and keep you updated by email. Your data will be held in Mail Chimp (see section 4).
Your data will not be passed on to any other third parties, other than those detailed in section 4, nor used for any other purposes. Your name and email address will remain within Mail Chimp’s database for as long as we continue to use Mail Chimp
Nutri Low Down Ltd retains records of all of its financial transactions with you for six years in order to comply with its legal obligations to maintain adequate accounting records. Nutri Low Down Ltd may use (and disclose) the information it holds about you in order to comply with any investigative demand, court order, or a request for cooperation from law enforcement or other government agency.
Your right to withdraw consent
You have the right to withdraw your consent at any time. You can do this by unsubscribing using the unsubscribe links contained in any emails that we send you or emailing email@example.com to request your data to be deleted.
3. How We Store Your Personal Information
All personal data is processed and stored securely and kept as detailed in sections 2 and 4. We will comply with Our obligations and safeguard your rights under the GDPR at all times.
4. Our Third Party Processors And The Data They Hold
We contract with third parties to supply services on Our behalf. These can include payment processing, delivery of goods, search engine facilities, advertising, and marketing. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, Our obligations, and the obligations of the third party under the law.
Some or all of your data may be stored outside of the European Economic Area (“the EEA”) with our Third Party Processors. You are deemed to accept and agree to this by using either or both of Our Sites and submitting information to Us. If We do store data outside the EEA, We will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the UK and GDPR.
Our current Third Party Processors are:
5. Disclosure Of Your Information
Subject to section 6, we will not share any of your data with any third parties, other than those referred to in sections 2 and 4, for any purposes.
In certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example, where we are involved in legal proceedings, where we are complying with legal obligations, a court order, or a governmental authority.
6. What Happens If Our Business Changes Hands?
In the event that any of your data is to be transferred in such a manner, you will be contacted in advance and informed of the changes.
7. Your Rights
You have the following rights under the GDPR, which this Policy and our use of personal data have been designed to uphold:
The right to be informed about our collection and use of personal data;
The right of access to the personal data we hold about you (see section 2); you have the right to ask for a copy of any of your personal data held by Us (where such data is held). Under the GDPR, no fee is payable and we will provide any and all information in response to your request free of charge. Please contact us for more details firstname.lastname@example.org, or using the contact details below in section 9.
The right to rectification of any personal data we hold about you is inaccurate or incomplete (please contact us using the details in section 9);
The right to be forgotten – i.e. the right to ask us to delete any personal data we hold about you (we only hold your personal data for a limited time, as explained in section 2 but if you would like us to delete it sooner, please contact us using the details in section 9);
The right to restrict (i.e. prevent) the processing of your personal data; when you submit personal data via Our Sites, you may be given options to restrict our use of your data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in our emails and at the point of providing your details).
The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation);
The right to object to us using your personal data for particular purposes; and
Rights with respect to automated decision making and profiling.
If you have any cause for complaint about our use of your personal data, please contact us using the details provided in section 9 and we will do our best to solve the problem for you. If we are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office.
For further information about your rights, please contact the Information Commissioner’s Office or your local Citizens Advice Bureau.
8. Data Breaches
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
9. Data Controller
The data controller of Our Sites is: Nutri Low Down Ltd, a UK Private Limited Company with company number 11441670.
Whose registered and operating office is:
57 Brassmill Lane
Bath, BA1 3JD
Person Responsible For Data Protection
Name: Laura Pincock
Email address: email@example.com
Updated July 2018