Examples of personal data include:
• Email address
• Social media account
• Digital identifiers such as an IP address or a cookie ID.
In terms of your use of this website and app, we act in the capacity of Data Controller which means we are responsible for determining the purpose of personal data collecting and processing.
If you have any questions or concerns about the data we hold about you, you can contact us by using via email: firstname.lastname@example.org.
In order for us to operate our business and provide our services to you, sometimes it is necessary that we collect and process your personal data. In general terms, this data can be divided into three categories:
• Information that you provide to us directly. For example, where you complete an online form on our website.
• Information that is automatically sent to us by your computer’s internet browser when you visit our website. For example, your computer’s IP address.
• Information about how you use our website, app or our services. For example, which pages you visit, how frequently you visit the site, for how long, etc.
CUSTOMERS AND POTENTIAL CUSTOMERS
If you contact us in order to ask about our products or services or sign up for updates through our website, we usually collect your e-mail address and any other contact details required for us to respond to that enquiry.
When you sign up to our app, we will typically collect your name, e-mail address and any other contact details required from time to time.
If you become a customer of ours, we may also collect:
- some sensitive information, being health information related to your physical health and future goals;
- with your consent, your photos or videos for promotional purposes;
- fitness/lifestyle activity data provided by you or generated via your use of the app, including the activity data generated by any devices or services that you choose to connect to the app (e.g. smart watches, Google Fit, or other third-party fitness tracker); and
- any additional personal information you provide to us, or authorise us to collect.
The types of sensitive information we collect may include your weight, height, measurements, step count, exercise activities. We will obtain your express consent in circumstances where it is necessary for us to collect sensitive information.
WHAT DO WE USE YOUR INFORMATION FOR?
Any of the information we collect from you may be used in one of the following ways:
• To personalise your experience (your information helps us to better respond to your individual needs)
• To improve our website (we continually strive to improve our website offerings based on the information and feedback we receive from you)
• To improve customer service (your information helps us to more effectively respond to your customer service requests and support needs)
• To process transactions (Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the purchased product or service requested.)
• To administer a contest, promotion, survey or other site feature
• To send periodic emails (With your permission, we may send you emails about diet info, new products, and other updates.)
• The email address you provide for order processing may be used to send you information and updates pertaining to your order, in addition to receiving occasional company news, updates, related product or service information, etc.
Note: If at any time you would like to unsubscribe from receiving future emails you simply have to click the unsubscribe link at the bottom of any email we send. Then you will be taken through the simple unsubscribe process.
The purpose of collecting sensitive information about you (being health information), including fitness/lifestyle activity data provided by you through other devices or services, is so we can measure your health and achievements in our fitness activities. We only use your sensitive information for this purpose and no other purpose.
HOW DO YOU GET MY CONSENT?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent or provide you with an opportunity to say no. For example, if you do our body type quiz for which you need to provide your email address, we will need your consent for collecting it.
HOW DO I WITHDRAW MY CONSENT?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at email@example.com
PERSONAL INFORMATION YOU PROVIDE TO US DIRECTLY
Personal information that you provides us directly is collected only when knowingly and voluntarily submitted. For example, we may need to collect such information to provide you with further services or to answer or forward any requests or inquiries.
It is our intention that this policy will protect your personal information from being dealt with in any way that is inconsistent with GDPR privacy laws.
Lawful Basis for Processing under the GDPR:
When you communicate with us or sign up for promotional materials, we process such data on the basis of our legitimate interest, Art. 6 (1) (f) GDPR, and our legitimate interest is to provide you with our promotional messages.
Where we are required under applicable local law to obtain your consent for sending you marketing information, the legal basis is your consent, Art. 6(1)(a) GDPR.
We will only ask you for the minimum amount of information required to appropriately fulfil your request. This will usually be your email address and any specific information about your request.
We will retain this data for a maximum of 12 months.
Types of processing:
• After you provide us with your personal data, we will store the information you provide to us in our website database, and/or in our self-managed Customer Relationship Management system. All our CRM systems are GDPR compliant. This way we are enabled to efficiently access your data and respond to your requests;
• For the purpose of maintaining the integrity of our systems, we may also store this data in system backups
• We may use this information to contact you about other of our own services that we believe may be of genuine interest to you
• We will NEVER use this data for any further purpose without you expressing further consent
• We will NEVER sell your information to any 3rd party.
• If you want us to remove you date or delete your account in our app, please reach out to us via firstname.lastname@example.org
INFORMATION THAT IS AUTOMATICALLY SENT TO US BY YOUR COMPUTER’S INTERNET BROWSER
Before GDPR, when you visited our website, our system was saving a record of your visit in our server logs, and this record included the IP address that is associated with your device.
The storage of IP addresses is a common practice and it allowed us to identify patterns of behavior (such as repeated malicious attempts to access a system).
However, from now on, our hosting provider is working on deleting those data or making them completely anonymous. Also, from now on, as we were informed, those data will no longer be available to us, only to our hosting provider for the amount of time they are legally obliged to keep them for debugging and security reasons.
INFORMATION ABOUT HOW YOU USE OUR WEBSITE OR OUR SERVICES
Cookies are data that a website transfers to an individual’s hard drive for record-keeping purposes. Those cookies which are industry standard and are used by most websites, including those operated by us, can facilitate a user’s ongoing access to and use of a site.
We use “cookies” on our website that help us to understand how visitors use our website and other related services. They allow us to tell when you have visited a particular page or performed a particular action (such as clicking a particular button) on our website.
Majority of websites uses them since as they provide useful insight into how the services are being used. Also, they help us improve speed, performance, and security, and thus enable us to improve your user experience. They allow us to customize the website to your needs.
We use Google Analytics in order to better understand what our website visitors are looking for.
When you visit our site, information about your visit (such as which pages you look at, how long you spend on the site, etc.) is sent in an anonymous form to our analytics providers – Google Analytics (which is controlled by Google).
We ensure that no personally identifiable information is ever contained within the data sent to Google Analytics.
Considering analytics information is not personal data, we do not specifically ask for your prior consent.
Lawful Basis for Processing under the GDPR:
The lawful basis is our legitimate interest, Art. 6 (1) (f) GDPR, which is to improve our website performance and your user experience.
USE OF INFORMATION
SURVEYS & CONTESTS
From time-to-time, our website requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user, therefore, has a choice whether or not to disclose this information. Information requested may include contact information (such as name and shipping address), and demographic information (such as zip code, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the usability and user satisfaction of this site.
DO WE DISCLOSE ANY INFORMATION TO OUTSIDE PARTIES?
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety.
THIRD PARTY LINKS
Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
We strive to ensure the security, integrity, and privacy of personal information submitted to our sites, and we review and update our security measures in light of current technologies. Unfortunately, no data transmission over the Internet can be guaranteed to be totally secure.
However, we will endeavour to take all reasonable steps to protect the personal information you may transmit to us or from our online products and services. Once we do receive your transmission, we will also make our best efforts to ensure its security on our systems.
In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us. However, we will not be held responsible for events arising from unauthorised access to your personal information.
ACCESS TO INFORMATION
We will endeavour to take all reasonable steps to keep secure any information which we hold about you and to keep this information accurate and up to date.
The GDPR provides the following rights for individuals:
• (Art. 15 GDPR): You have the right to ask us for confirmation on whether we are processing your Personal Data, and access to the Personal Data and related information on that processing (e.g., the purposes of the processing, or the categories of Personal Data involved).
• (Art. 16 GDPR): You have the right to have your Personal Data corrected, as permitted by law.
• (Art. 17 GDPR): You have the right to ask us to delete your Personal Data, as permitted by law.
• (Art. 18 GDPR): You have the right to request the limiting of our processing under limited circumstances, including when the accuracy of your Personal Data is contested or when the processing is unlawful.
• (Art. 20 GDPR): You have the right to receive the Personal Data that you have provided to us, in a structured, commonly used and machine-readable format, and you have the right to transmit that information to another controller, including to have it transmitted directly, where technically feasible.
In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us.
PROBLEMS OR QUESTIONS
If we become aware of any ongoing concerns or problems with our websites, we will take these issues seriously and work to address these concerns.
FURTHER PRIVACY INFORMATION
For more information about privacy issues in Australia and protecting your privacy, visit the Australian Federal Privacy Commissioner’s website.http://www.privacy.gov.au/