From the 25 May 2018, the General Data Protection Regulation (GDPR) replaces the Data Protection Act 1998, giving you as an individual more rights in relation to the personal data we as an organisation may hold about you.
2. WHO ARE WE?
Here are the details that we as ‘data controller’ are required to give to you in accordance with the Data Protection Legislation (please note this means the Data Protection Act up to and including 24th May 2018 and from 25 May 2018 and onwards the General Data Protection Regulation (GDPR) and any other applicable law which relates to the protection of individuals rights with regard to the processing of personal data):
Our Website address is: www.theinsyncdiet.com
Our company name is: The In-Sync Diet Limited
Our registered address is: 5 – 11 Regent Street Ground Floor, Charles House, London, United Kingdom, SW1Y 4LR.
Our Trading/postal address is: PO Box 73367, London, W3 3FR
Our Nominated Representatives are: Glynis Brandon and Fleur Borrelli
3. INFORMATION WE MAY COLLECT FROM YOU
We may collect and process the following data about you in operating the Site and performing any of our Services including:
• information you may give us about you, by filling in forms on our Site or by corresponding with us by phone, e-mail or otherwise. The information you give us may include your name, address, e-mail address and phone number, financial and credit card information, personal description and photograph. This includes information provided at the time of registering to use our Site, subscribing to our Services, creating an account on our Site, posting material or requesting further services.
• requests that marketing material be sent to you.
We may also ask for your information when you report a problem with our Platform or provide other feedback and we will collect the following data to enable us to provide our Services to you:
• a record of any correspondence between us.
• details of transactions you carry out through our Site.
• details of your visits to our Site and the resources you use.
• any information that you upload to our Site and any other form of interaction data you may provide; and
• information about your computer (e.g. your IP address, browser, operating system etc) for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.
With regard to each of your visits to our Site we may automatically collect the following information:
• technical information, including the Internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
• information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
• Information we receive from other sources. We may receive information about you if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on this Site. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
4. HOW WE USE WHAT WE COLLECT?
We use information about you to:
• present Site content effectively to you;
• provide information on and allow you to use, products and services that you request, or (with your consent) those services which we think may interest you to personalise your experience;
• allow us to better our service to you by responding to your customer service requests;
• take steps at the request of you prior to entering into a contract or to carry out our contractual obligations and provide you with the products and services under the terms of our contractual arrangement with you;
• allow you to use our interactive services if you want to;
• to administer a contest, promotion, survey or other Platform feature;
• tell you about changes to our Services;
• we will contact you electronically about similar products and services to those previously sold to you;
• with your prior consent, tell you about other goods and services that might interest you; and
• we may want to allow selected third parties to contact you directly. We will ask for your consent each time, before passing on your details, and will not do so unless your consent is given.
In some instances, it may be appropriate for us to combine your information with other information that we may be holding about you, such as combining your name with your geographic location or your browsing or purchasing history.
If you do want to be contacted for marketing purposes, please tick the relevant box that you will find on screen when we collect your data.
Please note: We don’t identify individuals to our advertisers, but we do give them aggregate information to help them reach their target audience, and we may use information we have collected to display advertisements to that audience.
In addition, if you don’t want us to use your personal data for any of the other reasons set out in this section 4, you can let us know at any time by contacting us at firstname.lastname@example.org , and we will delete your data from our systems. However, you acknowledge this will limit our ability to provide the best possible products and services to you and we may not be able to fulfil our contract with you. Notwithstanding this, in some cases, the collection of personal data may be a statutory or contractual requirement.
In addition to the basis upon how we will use your information, we will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
(a) Where we need to perform the contract we are about to enter into or have entered into with you;
(b) Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; or
(c) Where we need to comply with a legal or regulatory obligation.
Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to our marketing communications or sending third party direct marketing communications to you via email or text message.
5. DISCLOSING YOUR DATA
We may contract with third parties to supply services to you on our behalf. These may include payment processing, search engine facilities, advertising and marketing. In some cases, the third parties may require access to some or all of your data. You can find details of these third parties at the following link https://www.theinsyncdiet.com/third-party/ but please note that this list is not exhaustive and is subject to change. Our third parties include the following:
• Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
• Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others.
• Analytics and search engine providers that assist us in the improvement and optimisation of our site.
We may also disclose your personal information to third parties:
• In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
• If the In-Sync Diet or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms and Conditions and any other agreements; or to protect the rights, property, or safety of the In-Sync Diet, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
• We can disclose it if we have a legal obligation to do so, or in order to protect other people’s property, safety or rights.
• In order to establish or defend our legal rights; and
• We can exchange information with others to protect against fraud or credit risks.
Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under GDPR and the law.
6. WHERE WE STORE YOUR PERSONAL DATA
We may transfer your collected data to storage outside the European Economic Area (EEA) in connection with the above purposes. It may be processed outside the EEA to fulfil your order and deal with payment.
Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see the European Commission: EU-US Privacy Shield .
Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through our Site. By giving us your personal data, you agree to this arrangement and we will do what we reasonably can to keep your data secure. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have implemented security measures such as a firewall to protect any data and maintain a high level of security.
Payment will be encrypted. If we give you a password, you must keep it confidential. Please don’t share it. Although we try to provide protection, we cannot guarantee complete security for your data, and you take the risk that any sending of that data turns out to be not secure despite our efforts.
We only keep your personal data for as long as we need to in order to use it as described above in section 6, and/or for as long as we have your permission to keep it. In any event, we will conduct an annual review to ascertain whether we need to keep your personal data. Your personal data will be deleted if we no longer need it.
Notwithstanding the security measures that we take, it is important to remember that the transmission of data via the internet may not be completely secure and that you are advised to take suitable precautions when transmitting to us data via the internet and you take the risk that any sending of that data turns out to be not secure despite our efforts.
7. YOUR RIGHTS
As stated above, you can ask us not to use your data for marketing. You can do this by ticking the relevant boxes on our forms, or by contacting us at any time at email@example.com
Under the GDPR, you have the right to:
• Request a copy of the information we hold on you. When you request this information, this is known as a Subject Access request (SAR). In most cases, this will be free of charge however in limited circumstances we may apply an administration charge. For example, where repeated requests are made;
• Have personal data we hold about you transferred securely to another service provider in an electronic form;
• Have inaccurate personal data corrected;
• Have any out of date personal data deleted once there’s no business need or legal requirement for us to hold it;
• Object or restrict some processing, in limited circumstances and only when we don’t have legitimate grounds for processing your personal data;
• Object to personal data being used to send you marketing material. As mentioned above, we will only send you marketing material where you have given your consent to do so. You can remove your consent at any time.
• Ask us not to use your data for marketing. You can do this by not ticking the relevant boxes on our forms, or by contacting us at any time at firstname.lastname@example.org.
• Ask for a decision to be made manually, where a decision is made using automated means and this adversely impacts you.
• The Data Protection Legislation gives you the right to see information we hold about you; and
• Complain to a supervisory authority.
Our Site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
You also have rights with respect to automated decision-making and profiling as set out in section 9 below.
All Cookies used by and on our Site are used in accordance with current English and EU Cookie Law.
A few of the cookies we use last only for the duration of your web session and expire when you close your browser. Other cookies are used to remember you when you return to the Site and will last for longer.
All cookies used on our site are set by us.
Most computer and some mobile web browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. You can prevent the setting of cookies by adjusting the settings on your browser. Please note however, that by blocking or deleting cookies you may not be able to take full advantage of the Site.
Our cookies will be used for:
Essential session management
• creating a specific log-in session for a user of the Site in order that the site remembers that a user is logged in and that their page requests are delivered in an effective, secure and consistent manner;
• recognising when a user of the Site has visited before allowing us to identify the number of unique users we receive to the site and make sure we have enough capacity for the number of users that we get;
• recognising if a visitor to the Site is registered with us in any way;
• we may also log information from your computer including the existence of cookies, your IP address and information about your browser program in order to allow us to diagnose problems, administer and track your usage of our Site.
• customising elements of the promotional layout and/or content of the pages of the Site.
Performance and measurement
• collecting statistical information about how our users use the Site so that we can improve the Site and learn which parts are most popular to users.
9. AUTOMATED DECISION-MAKING AND PROFILING
In the event that we use personal data for the purposes of automated decision-making and those decisions have a legal (or similarly significant effect) on you, you have the right to challenge to such decisions under GDPR, requesting human intervention, expressing their own point of view, and obtaining an explanation of the decision from us.
The right described in this Section 9 does not apply in the following circumstances:
a) the decision is necessary for the entry into, or performance of, a contract between you and us;
b) the decision is authorised by law; or
c) you have given you explicit consent.
Where we use your personal data for profiling purposes, the following shall apply:
a) Clear information explaining the profiling will be provided, including its significance and the likely consequences;
b) Appropriate mathematical or statistical procedures will be used;
c) Technical and organisational measures necessary to minimise the risk of errors and to enable such errors to be easily corrected shall be implemented; and
d) All personal data processed for profiling purposes shall be secured in order to prevent discriminatory effects arising out of profiling.
11. LINKS TO OTHER SITES
Please note that our terms and conditions and our policies will not apply to other websites that you get to via a link from our Site. We have no control over how your data is collected, stored or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.
12. YOUR CONSENT