Data Protection Act
We are conscious of our responsibilities under the General Data Protection Regulation (GDPR) starting May 25, 2018, and we shall endeavour to ensure that the personal information we obtain and use will always be held, used, transferred and otherwise processed in accordance with that Regulation and all other applicable data protection laws and regulations.
Who we are?
We are Essential Health Labs ltd., a privately owned company. For anything to do with our products and for any other activity on our website, Essential Health Labs ltd. is the data controller who is responsible for your privacy when we process your personal information.
How do we collect information from you?
We obtain information about you when you use our website. For example, when you contact us about products and services, if you give us any information via sign up forms, if you make an enquiry or purchase or complete a survey. We also collect information about you if you sign up to receive email newsletters or enter competitions or if you interact with us on social media or via email.
What is the legal basis we rely on?
The law on data protection sets out a number of different reasons for which a company may collect and further process your personal data. We rely on a variety of these depending on the purpose of the processing, as follows:
In certain situations, we may collect and process your data with your specific freely given consent.
For example, when you tick a box to receive email newsletters featuring news, offers and new product range launches.
When collecting and further processing your personal data based on your consent, we’ll always make clear to you which data is necessary in connection with a particular service and the purpose of the processing and you can withdraw that consent at any time.
In certain circumstances, we need your personal data to comply with our contractual obligations.
For example, if you order an item from us for home delivery, we’ll collect your address details to deliver your purchase, and pass them to our fulfilment hub.
If the law requires us to, we may need to collect and process your data.
For example, we can pass on details of people involved in fraud or other criminal activity to law enforcement.
In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.
For example, we will use your purchase history to send you or make available personalised offers.
We also combine the shopping history of many customers to identify trends and ensure we can keep up with demand, or to help us develop new products/services.
Further examples of using your data for our legitimate interests are described below.
What sort of personal data do we collect?
In running and operating this website, we may collect and process certain data and information relating to you and your use of this site. Your privacy is important to us and we confirm that we will never release your personal details to any third party for their mailing or marketing purposes. We will only collect and process personal data where we can rely on one or more of the legal bases above for processing. Typically we collect and further process the following types of personal data;
Your name, address, email address, IP address, and information regarding what pages are accessed and when. This information is recorded and sent to third-party processors for the purposes of fulfilling your order, data analysis, to improve our marketing efforts and to make recommendations to you on products of interest.
Information you provide to enter a competition or promotion via the website, complete a survey, or if you report a problem with the site. This information is used for our internal research purposes to analyse and administer competitions, to resolve any reported issues and to communicate with you about this.
Information about your phone or laptop and how you use our website. This includes details of visits to our website and the pages and resources you access, including but not limited to, traffic data, location data and other communication data that may assist us in understanding how visitors use the website. This may also include the resources that you access, and information about where you are on the internet including the domain type, IP address and URL that you came from. This usage data may be processed for the purposes of analysing the use of the website and services and personalising your experience.
Information you provide to us by sending us a message through our website and information provided to us when you communicate with us electronically for any reason. If you contact us, we may keep a record of your email and other correspondence.
Information that you provide to us when filling in forms on our website, such as registering for information or making a purchase.
If you make a purchase from us, your card information is not held by us, it is collected by our third-party payment processors, who specialise in the secure online capture and processing of credit/debit card transactions, as explained below.
We may also collect information about your computer, including but not limited to (where available), your IP address, operating system and browser type for administration purposes and to produce internal reports. This is statistical data relating to a web user’s browsing actions and patterns and does not specifically identify you as an individual.
Processing information for our legitimate interests
We process personal information for certain legitimate interests we have within our business, which include the following:
Where the processing enables us to enhance, modify, personalise or otherwise improve our services / communications for the benefit of our customers
to identify and prevent fraud
to enhance the security of our network and information systems
to better understand how people interact with our websites
to provide postal and email communications which we think will be of interest to you
to determine the effectiveness of promotional campaigns and advertising
How is your information used?
We may use your information:
to ensure that the content on the site is presented in the most efficient way for you and the computer that you are using;
to enable you to participate in interactive features of the site;
to provide you with information relating to our website, product or our services that you request from us;
to provide you with information on other products that we feel may be of interest to you in line with those you have previously expressed an interest in via our website;
to process an order you have made;
to meet our obligations arising from any contracts entered into by you and us;
for dealing with entries into a competition;
to seek your views or comments on the services we provide;
to notify you about any changes to our website, including improvements, and service or product changes;
to send you communications which you have requested and that may be of interest to you. These may include information about products, events, promotions, offers, job offers, information about the company and the surrounding area and replies to requests
for our internal purposes including statistical or survey purposes, quality control, site performance and evaluation in order to improve our website;
to administer this website; and
to notify you of products or special offers that may be of interest to you.
We review our retention periods for personal information on a regular basis. We will hold your personal information on our systems for as long as is necessary for the relevant activity, or, as set out in any relevant contract you hold with us.
To whom do we provide or give access to your information?
We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.
We may pass your information to our third-party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example to process payments or shipping and send you an email confirmation). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes. Please be reassured that we will not release your information to third parties beyond Essential Health Labs LTD for them to use for their own direct marketing purposes, unless you have requested us to do so.
When you are using our secure online payment gateway, your purchase is processed by a third-party payment processor, who specialises in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us.
How do I opt out?
You have a choice about whether you wish to receive information from us. If you no longer want to receive direct marketing communications, then you can change your preferences or completely unsubscribe in one of two ways:
- Click the ‘unsubscribe’ link at the bottom of marketing emails sent to you
- Contact us on: email@example.com or by writing to Essential Health Labs ltd., 601 International House, 223 Regent Street, London, W1B 2QD, United Kingdom
We will not contact you for marketing purposes if you have indicated that you do not wish to be contacted.
You have the following rights relating to your personal information:
The right to be informed about how your personal information is being used by us
The right to access the personal information we hold about you
The right to request the correction of inaccurate personal information we hold about you (although you can probably do most of this through My Account)
The right to request that we delete your data, or stop processing it or collecting it, in some circumstances
The right to stop direct marketing messages, which you can do through My Account, and to withdraw consent for other consent-based processing at any time
The right to request that we transfer or port elements of your data either to you or another service provider
The right to complain to your data protection regulator — in the UK, the Information Commissioner’s Office
If you want to exercise your rights, have a complaint, or just have questions, please contact us.
Use of ‘cookies’:
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
Cookies that we use
Cookies used by our service providers
You may set up your computer to reject cookies by following the relevant instructions which can be found at www.aboutcookies.org. If you instruct your computer to reject cookies, you may not be able to use certain features on our site.
Links to other websites:
In addition, if you are referred to our website from a third-party site, we cannot be responsible for the Privacy Policies and practices of the owners and operators of that third-party site and recommend that you check the Policy of that third-party site.
Transferring your information outside of Europe:
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our servers or our Data Processor’s servers are from time to time located in a country outside of the EU. These countries may not have similar data protection laws to the UK.
If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy. In particular, except where necessary to perform a contract with you or to perform or conclude a contract with a third party in your interest, we will ensure at least one of the following safeguards is implemented:
we will only transfer the data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
where we transfer the data to third parties, we will use specific contracts between us and the recipient in a form approved by the European Commission; or
where the transfer is to the USA, the recipient is within the EU-US Privacy Shield.
If you would like a copy of any of these safeguards, please contact us at firstname.lastname@example.org or by any of the other means described above.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
Third Party Processing:
Essential Health Labs utilises the services of third party organisations to process your personal data within the categories described above (in the section headed “To whom do we provide or give access to your information”). As the data controller, Essential Health Labs determines the purposes and means of the processing of your personal data. Where your data is processed by any third party on behalf of Essential Health Labs, that third party is a processor under the GDPR. We confirm that we take steps to ensure this data is processed lawfully under the law in accordance with each agreement that we have in place with each processor.
Review of this Policy: