Detailed Privacy Policy

 

Background and Introduction

In accordance with the General Data Protection Regulation (GDPR) and related UK data protection legislation, we are

committed to protecting the confidentiality and security of the information that you provide to us.

This Privacy Notice is designed to help you understand how we collect and use your information. If you have any questions or queries about this Notice please contact us.

We may amend this Privacy Notice from time to time, in order to, for example, keep it up to date or to comply with legal requirements.

Who we are

We are Fit & Fabulous (also referred to in this Notice as “we”, “us”, or “our”).

How to contact us

For any questions or concerns relating to this Privacy Notice or our data protection practices, or to make a Subject Access Request or any other request regarding the information we hold, please contact us at:

fitandfabulous@icloud.com or via the contact page on this website.

Lawfulness and Fairness

Personal data must be processed lawfully, fairly and in a transparent manner in relation to the Data Subject (you). This may arise where:

  • you have given your consent
  • the processing is necessary for the performance of a contract with you
  • to meet our legal compliance obligations
  • to protect your vital interests
  • to pursue our legitimate interests for purposes where they are not overridden because the processing prejudices your interests or fundamental rights and

Nature of personal information

Personal data is any information that may identify a living individual.

We collect personal information such as name, contact details, date of birth, gender, marital status, financial details, employment details and other personal details for the services we offer.

We may collect, use and store sensitive personal information such as health & medical conditions as necessary in relation to the fitness, well-being and nutrition services we  provide.

Why we need and how we use your personal information

If you do not provide the information required or do not accept the terms of this Privacy Notice, we are unlikely to be able to provide certain services to you.

We only collect, use and store your personal information where we have lawful grounds and legitimate business reasons to do so. We do so in order to provide you with the agreed fitness, well-being and nutrition services. It may also be used to verify your identity, to administer payments.

We may also your personal information to keep our records up to date, to notify you about changes to our services and to help us develop new products and services.

Marketing

We have a legitimate business interest in sending you marketing about our other products and services and making sure our marketing is relevant for you. We believe this processing is in your interests as well. When we process your personal information based on legitimate interest we make sure to consider and balance any potential impact on you (both positive and negative) and your rights under the data protection laws. Our legitimate business interests do not automatically override your rights and freedoms. We will not use your personal data for activities where our interests are overridden by the impact on you. If we intend to use your data for purposes where consent is required we will only do so with your consent. If you do not wish to receive the information you can opt-out at any time using any of the methods detailed in the ‘How to contact us’ section or by clicking the ‘unsubscribe’ link in one of our marketing emails.

Sharing information

We will only supply your personal information to other parties where such a transfer is a necessary part of the activities that we undertake, or where you give us consent or where we are required to do so by law or regulation (e.g. where the disclosure is necessary for the purposes of the prevention and/or detection of crime).

We may also disclose your information to service providers engaged to perform services on our behalf. Such service providers are contractually restricted from using or disclosing the information we give them except as necessary to perform those services or to comply with legal requirements.

We only share your information if we are satisfied that our partners or suppliers have sufficient measures in place to protect your information in the same way that we do.

We never share your information outside our organisation for marketing purposes.

You understand and accept that we may disclose the information you provide to relevant other parties for the purposes described in this Notice.

Transfer of personal data outside the UK

Certain personal information held on our Information Technology systems may be transferred across geographical borders in accordance with applicable law.

By providing us with your information, you consent to the collection, international transfer, storage, and processing of your information. These transfers are governed by European Union (EU) standard contractual clauses or equivalent data transfer agreements to protect the security and confidentiality of personal information.

How long we keep information about you

We will keep information for as long as it is required to enable us to provide the agreed fitness, wellbeing and nutrition services or to comply with the Companies Act or other legislation. Once we decide that we no longer need your information it will be securely and confidentially destroyed. This will usually be a minimum period of seven years. Any request from you to have your data erased will be processed taking into account these requirements.

Your data protection rights

You have certain legal rights under UK data protection law and regulations, summarized as follows:

  • The right to be informed about our data processing activities, including through Privacy Notices such as
  • The right of access to the personal information we hold about you. To request a copy of this information you must make a Subject Access Request in writing to
  • The right of You may ask us to correct any inaccurate or incomplete data and we will do so within 30 days.
  • The right to erasure and to restrict processing. You have the right to have your personal data erased and to prevent processing except where we have a legal or other obligation to process your personal information. You should bear in mind that by exercising this right you may hinder or prevent our ability to provide products and
  • The right to data portability. On your request, we will provide you with your personal data in a structured
  • The right to object. You have particular rights in relation to automated decision making and profiling to reduce the risk that a potentially damaging decision is taken without human intervention. You can object to your personal data being used for profiling, direct marketing or research

If you want to invoke any of these rights please contact us using any of the methods detailed in the ‘How to contact us’ section.

Withdrawal of consent

Where you have provided your specific consent to the use of personal data, you may withdraw that consent using any of the

methods detailed in the ‘How to contact us’ section.

How to make a complaint

If you wish to make a complaint about how we hold or use your data, please contact us using any of the methods detailed in

the ‘How to contact us’ section.

If you are dissatisfied with how we deal with your complaint, you may contact the Information Commissioner’s Office as follows:

The Information Commissioner Wycliffe House

Water Lane Wilmslow SK9 5AF

Tel: 08456 30 60 60

www.ico.org.uk