Examples of personal data include:
• Email address
• Social media account
• Digital identifiers such as an IP address or a cookie ID.
In terms of your use of this website, we act in the capacity of Data Controller which means we are responsible for determining the purpose of personal data collecting and processing.
If you have any questions or concerns about the data we hold about you, you can contact us by using via email: email@example.com.
In order for us to operate our business and provide our services to you, sometimes it is necessary that we collect and process your personal data. In general terms, this data can be divided into three categories:
• Information that you provide to us directly. For example, where you complete an online form on our website.
• Information that is automatically sent to us by your computer’s internet browser when you visit our website. For example, your computer’s IP address.
• Information about how you use our website or our services. For example, which pages you visit, how frequently you visit the site, for how long, etc.
Any of the information we collect from you may be used in one of the following ways:
• To personalize your experience (your information helps us to better respond to your individual needs)
• To improve our website (we continually strive to improve our website offerings based on the information and feedback we receive from you)
• To improve customer service (your information helps us to more effectively respond to your customer service requests and support needs)
• To process transactions (Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the purchased product or service requested.)
• To administer a contest, promotion, survey or other site feature
• To send periodic emails (With your permission, we may send you emails about diet info, new products, and other updates.)
• The email address you provide for order processing may be used to send you information and updates pertaining to your order, in addition to receiving occasional company news, updates, related product or service information, etc.
Note: If at any time you would like to unsubscribe from receiving future emails you simply have to click the unsubscribe link at the bottom of any email we send. Then you will be taken through the simple unsubscribe process.
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent or provide you with an opportunity to say no. For example, if you do our body type quiz for which you need to provide your email address, we will need your consent for collecting it.
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at firstname.lastname@example.org.
Personal information that you provides us directly is collected only when knowingly and voluntarily submitted. For example, we may need to collect such information to provide you with further services or to answer or forward any requests or inquiries.
It is our intention that this policy will protect your personal information from being dealt with in any way that is inconsistent with GDPR privacy laws.
When you communicate with us or sign up for promotional materials, we process such data on the basis of our legitimate interest, Art. 6 (1) (f) GDPR, and our legitimate interest is to provide you with our promotional messages.
Where we are required under applicable local law to obtain your consent for sending you marketing information, the legal basis is your consent, Art. 6(1)(a) GDPR.
We will only ask you for the minimum amount of information required to appropriately fulfill your request. This will usually be your email address and any specific information about your request.
We will retain this data for a maximum of 12 months.
• After you provide us with your personal data, we will store the information you provide to us in our website database, and/or in our self-managed Customer Relationship Management system. All our CRM systems are GDPR compliant. This way we are enabled to efficiently access your data and respond to your requests;
• For the purpose of maintaining the integrity of our systems, we may also store this data in system backups
• We may use this information to contact you about other of our own services that we believe may be of genuine interest to you
• We will NEVER use this data for any further purpose without you expressing further consent
• We will NEVER sell your information to any 3rd party.
Before GDPR, when you visited our website, our system was saving a record of your visit in our server logs, and this record included the IP address that is associated with your device.
The storage of IP addresses is a common practice and it allowed us to identify patterns of behavior (such as repeated malicious attempts to access a system).
However, from now on, our hosting provider is working on deleting those data or making them completely anonymous. Also, from now on, as we were informed, those data will no longer be available to us, only to our hosting provider for the amount of time they are legally obliged to keep them for debugging and security reasons.
Cookies are data that a website transfers to an individual’s hard drive for record-keeping purposes. Those cookies which are industry standard and are used by most websites, including those operated by us, can facilitate a user’s ongoing access to and use of a site.
We use “cookies” on our website that help us to understand how visitors use our website and other related services. They allow us to tell when you have visited a particular page or performed a particular action (such as clicking a particular button) on our website.
Majority of websites uses them since as they provide useful insight into how the services are being used. Also, they help us improve speed, performance, and security, and thus enable us to improve your user experience. They allow us to customize the website to your needs.
We use Google Analytics in order to better understand what our website visitors are looking for.
When you visit our site, information about your visit (such as which pages you look at, how long you spend on the site, etc.) is sent in an anonymous form to our analytics providers – Google Analytics (which is controlled by Google).
We ensure that no personally identifiable information is ever contained within the data sent to Google Analytics.
Considering analytics information is not personal data, we do not specifically ask for your prior consent.
The lawful basis is our legitimate interest, Art. 6 (1) (f) GDPR, which is to improve our website performance and your user experience.
From time-to-time, our website requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user, therefore, has a choice whether or not to disclose this information. Information requested may include contact information (such as name and shipping address), and demographic information (such as zip code, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the usability and user satisfaction of this site.
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety.
Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
We strive to ensure the security, integrity, and privacy of personal information submitted to our sites, and we review and update our security measures in light of current technologies. Unfortunately, no data transmission over the Internet can be guaranteed to be totally secure.
However, we will endeavor to take all reasonable steps to protect the personal information you may transmit to us or from our online products and services. Once we do receive your transmission, we will also make our best efforts to ensure its security on our systems.
In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us. However, we will not be held responsible for events arising from unauthorized access to your personal information.
We will endeavor to take all reasonable steps to keep secure any information which we hold about you and to keep this information accurate and up to date.
The GDPR provides the following rights for individuals:
• (Art. 15 GDPR): You have the right to ask us for confirmation on whether we are processing your Personal Data, and access to the Personal Data and related information on that processing (e.g., the purposes of the processing, or the categories of Personal Data involved).
• (Art. 16 GDPR): You have the right to have your Personal Data corrected, as permitted by law.
• (Art. 17 GDPR): You have the right to ask us to delete your Personal Data, as permitted by law.
• (Art. 18 GDPR): You have the right to request the limiting of our processing under limited circumstances, including when the accuracy of your Personal Data is contested or when the processing is unlawful.
• (Art. 20 GDPR): You have the right to receive the Personal Data that you have provided to us, in a structured, commonly used and machine-readable format, and you have the right to transmit that information to another controller, including to have it transmitted directly, where technically feasible.
In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us.
If we become aware of any ongoing concerns or problems with our websites, we will take these issues seriously and work to address these concerns.
For more information about privacy issues in Australia and protecting your privacy, visit the Australian Federal Privacy Commissioner’s website.http://www.privacy.gov.au/