This policy describes how Bodylife UK Limited (‘we’) process personal information. By providing personal information you consent to it being collected, stored, used, disclosed and otherwise processed in accordance with this policy.
2. IDENTITY OF DATA CONTROLLER
For the purpose of the Data Protection Act 1998 (the “Act”), the data controller is Bodylife UK Limited (8289347) of Unit 2, Hallfield Works, Festing Street, Stoke-on-Trent, Staffordshire. ST1 2HY, United Kingdom.
3. WHAT DO WE COLLECT?
3.1 We collect personal information:
(a) when you register to use our website or set up an account with us;
(b) when you order products from us;
(c) when you enter a competition or promotion;
(d) when you participate in a survey or piece of market research;
(e) when you contact us to ask a question, make a suggestion, report a problem or for any other reason;
(f) when you use interactive services on our website (such as bulletin boards, forums and features that allow you to post reviews or other materials).
3.2 We may also ask you to provide personal information at other times (in which case we will tell you what we are collecting and why).
3.3 We may collect personal information using our website, over the telephone, by post or through any other means of communication that we may have with you.
4. USER INFORMATION AND COOKIES
4.1 We may collect information about your computer and about your use of our website and services, such as your IP address, operating system and browser type and purchase history. This is statistical data that will be used for data analysis and system administration and will not identify you as an individual.
4.3 You can refuse to accept cookies by activating the relevant part of your internet browser, but doing this may impact on your ability to use the Remember Me feature at log in.
5. HOW DO WE USE PERSONAL INFORMATION?
5.1 We use personal information to:
(a) register users of our website and administer their accounts;
(b) process orders, supply goods and services and process payments;
(c) conduct promotions, competitions, surveys and market research;
(d) respond to enquiries, suggestions and complaints;
(e) supply requested information;
(f) monitor use of our website and other services and detect and prevent their misuse;
(g) carry out security checks and assist in the detection and prevention of fraud and other criminal and unlawful activity (this includes, amongst other things, conducting checks to verify purchaser identity, and credit and debit card and other payment details);
(h) communicate with you; and
(i) in the case of anonymous user information, to report aggregate information to advertisers and learn about our website users’ browsing actions and patterns and for system administration; and
(k) maintain our own business records and accounts, and keep a record of the above matters.
5.2 If you consent to such use when you provide your personal information, we may also use it to provide you with information about products, services, discounts and offers that we think may be of interest to you (“direct marketing”). You can withdraw your consent to receive direct marketing at any time by contacting us at our Contact Us page or, if you are a registered user of our site, by managing your account profile.
5.3 You should contact us at our Contact Us page if your personal information changes, so that we can keep our records up to date. Alternatively, if you are a registered user of our site, you can make changes to your own personal information by managing your account profile. For further information on managing your account profile, please visit our frequently asked questions.
6. WHO IS PERSONAL INFORMATION SHARED WITH?
6.1 We share personal information with our subsidiary and associated companies, all of whom comply with this policy in their use of personal information.
6.2 We also provide personal information to third party subcontractors who perform services on our behalf. These services include, amongst other things, delivery, payment processing, mapping, mail-shots, data cleansing, surveys, market research, promotions, competitions and data analysis. These subcontractors will only be provided with the information they need to perform their service, and may only use the information for that purpose.
6.3 If we or any of our subsidiary companies or subcontractors (together “authorised data users”) buys or sells any businesses or assets, your personal information may be transferred to a purchaser or a newly acquired business. This will not change the purposes for which your personal information is used, but it will mean that your information would be used for those purposes by someone else.
6.4 We and our authorised data users may share information with the police and with other law enforcement authorities and fraud prevention agencies and schemes in any part of the world, may disclose it if required to do so by law or court order, and may share it with credit checking agencies and with third parties for fraud detection and prevention. We may also disclose personal information as required to enforce and protect our rights under contract and at law.
6.5 We will not permit anyone else to use your personal information for their own direct marketing purposes without your permission or share your personal information for a purpose that you have not consented to.
7. WHERE DO WE PROCESS PERSONAL INFORMATION?
Your personal information may be transferred to, used, stored and otherwise processed in any part of the world. Before transferring it outside the European Economic Area (or EEA) we will ensure that its recipient will comply with this policy and applicable data protection laws.
8.1 We use various measures to protect your information, including SSL encryption during transmission and electronic and physical security for our servers, computer equipment and storage facilities, but cannot guarantee that it is 100% secure.
8.2 We strongly advise you to protect your computer with regularly updated anti-virus and firewall software and to log-out completely when you finish using our website on a shared computer.
9.1 Our website may contain links to other websites operated by third parties such as advertisers or our business partners and service providers.
10. SUBJECT ACCESS REQUESTS
The Act gives you the right to access the personal data we hold about you. Your right of access must be exercised in writing in accordance with the Act. We are entitled to charge a fee (currently £10) to meet our costs in responding to our request. For further information about how to make a subject access request you should contact the Information Commissioner’s Office (details at www.ico.gov.uk).
We may make changes to this policy from time to time, and will post any changes on our website and may also notify you by email if we have your email address. We will not however change the purposes for which we process your personal information or reduce the level of our protection of your personal information without your consent.
Please contact us at our Contact Page if you have any questions, comments or requests about this policy or our use of personal information.