Last updated: 13/12/2019
If you have any questions about the below, please contact us: firstname.lastname@example.org
2. Data we collect about you
When you purchase something from our Website, as part of the buying and selling process, we collect mandatory personal information such as your name, gender, date of birth, address, email address and contact number. We do not collect any personal information from Visitors when they use the Website, unless they provide such information voluntarily.
In order to purchase a Wellbeing Plan, you will be asked to provide us with certain information about your lifestyle and wellness via our Quiz. This is including, but not limited to, diet, exercise and specified wellbeing focus areas.
From the Quiz you will be asked if you would like to disclose any current prescribed medication(s) you are taking in order to participate in our Interaction Checker. This information is disclosed voluntarily by you.
Order Information Data:
When customers place an order for their Vitawake Supplement Pack, we will also collect and/or receive certain information, including but not limited to, the Products in their Vitawake Supplement Pack.
In addition to the above, we may collect further information, including but not limited to:
- Your Activity: When you browse our Website, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system. Other information includes referring and exit pages, date and time, amount of time spent on particular pages and what sections of the Website Visitors visit.
- Third-Party Analytics: We may use one or more third-party analytics services to evaluate or to assist us in the optimisation of our Services, compile reports on activity, collect demographic data, analyse performance metrics, and collect and evaluate other information relating to the Services and mobile and Internet usage.
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with Products or Services). In this case, we may have to cancel a Product or Service you have with us but we will notify you if this is the case at the time.
· Direct interactions. You may give us your Identity, Contact and Billing Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
· purchase our Products or Services;
· create an account on our website;
· complete the quiz;
· subscribe to our service;
· signing up for our newsletter;
· refer a friend;
· enter a competition, promotion or survey; or
· give us feedback or contact us.
· Automated technologies or interactions. As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We may collect this personal data by using cookies, server logs and other similar technologies.
· Third parties or publicly available sources. We will receive personal data about you from various third parties as set out below:
(b) advertising networks such as Facebook and Google based outside the EU;
(c) search information providers such as Google based outside the EU
· Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as Stripe based outside the EU.
· Where we need to perform the contract we are about to enter into or have entered into with you.
· Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
· Where we need to comply with a legal obligation.
Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
Our primary purpose in using your data is to provide you with your order. We may analyse your data to allow us to provide a better service to you. You authorise us to use the personal information, wellbeing information, order information and other information (collectively, the ‘Information’) to provide and improve the following:
- administration, general correspondence, support and processing (including personalising the Website for your use);
- contacting you to register your use of the Website, to advise you of any special offers, to notify you of new features or to resolve any queries you or we may have regarding us or the Website or its use;
- developing and improving our Products and Services;
- contacting you to notify you of other Products or Services that might be of interest to you;
- responding to any requests or queries from you;
- recommending you with the most appropriate Products according to your Quiz answers;
- suggesting reasonable alternatives according to the Medication Interaction Checker and the current medication list you are taking;
- subscribing you to our newsletters or email alerts or online surveys;
- information collected via tracking technologies;
- to use data analytics to improve our website, products/ services, marketing, customer relationships and experiences;
- to enable you to partake in a prize draw, competition or complete a survey.
You may receive email content from us targeted to you if you opted in to receive these requests. Examples include:
- Personalised content
- Special offers
- Information about other Vitawake products
- Vitawake market research
- Account activity
We may share your personal data with selected third parties, including business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you in the normal course of business, and with trustworthy analytics and search engine providers that assist us in the improvement and optimisation of our Services.
We may also disclose or share your personal data if we are under a duty to do so in order to comply with any legal obligation, or in order to enforce or apply our Terms & Conditions and other agreements; or to protect the rights, property, or safety of Vitawake Ltd. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a Product/ Service purchase, Product/ Service payment reminder, Product/ Service experience or other transactions.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
· External Third Parties, including:
- Service providers [acting as processors] based in the UK who provide IT and system administration services
- Professional advisers [acting as processors or joint controllers] including lawyers, bankers, auditors and insurers based in the UK who provide consultancy, banking, legal, insurance and accounting services
- HM Revenue & Customs, regulators and other authorities [acting as processors or joint controllers] based in the United Kingdom who require reporting of processing activities in certain circumstances
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Some of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal information will involve a transfer of data outside the EEA; including to Canada and the United States.
7. Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
By Law, we are required to obtain your consent to processing your data. We will assume that you have given your consent to the uses outlined above if you provide us with any data via our websites or via replies to advertisements.
Where we process or transfer your data outside of what is outlined in "How we use your personal data" we will ask you to provide your specific consent.
10. 3rd Party Services
Your personal information is shared with third party providers to only collect, use and disclose personal information to the extent necessary for them to fulfil the Services they provide to us.
Certain third party providers, such as payment transaction platforms and processors have their own Privacy Policies in place, in respect to the information we are required to provide them for your payment transactions.
Third party providers that we may share your information with include:
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
The Products use Google Analytics code to gather statistical information. Google Analytics sets cookies to help us accurately estimate the number of visitors to the Products and the volumes of usage of the Products. For more information on how Google Analytics processes this information, visit www.google.com/analytics.
We also use your IP address to screen for potential risk or fraud and to improve and optimise our Website.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive.
· Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
· Analytical or performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
· Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences.
· Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
· Google Analytics
· Facebook Pixel
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.
12. Behavioural advertising
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. This can include cookies from third-party partners such as Facebook and Google. These cookies allow us to display relevant ads to you on other sites that you visit based on your past visits to our site. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
13. Log Files
We gather certain information and automatically store it in log files, as do most websites. This information may include Internet Protocol (IP) addresses, operating system, internet service provider (ISP), referring/exit pages, date/time stamp, browser type, and/or clickstream data.
Under certain circumstances, you have rights under data protection laws in relation to your personal data. Please see below to find out more about these rights and email us at email@example.com should you need to make a request.
You have the right to:
· Request access to your personal data
· Request correction of your personal data
· Request erasure of your personal data
· Object to processing of your personal data
· Request restriction of processing your personal data
· Request transfer of your personal data
· Withdraw consent
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
15. Age Consent
By using our Website, you represent that you are aged 18 years or older.
16. Queries, requests or concerns
To exercise all relevant rights, queries or complaints in relation to this policy or any other data protection matter between you and us, please in the first instance contact us by emailing us at firstname.lastname@example.org.
If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Office on 03031231113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England, UK.