Introduction
This Privacy Policy is about how NATROLIVE collects, processes, stores and shares client’s data. It only relates to personal data collected by NATROLIVE via the NATROLIVE website, client questionnaire and food diary, by signing a ‘Terms of Engagement’ form, during a consultation, through email, over the telephone or by post. Any personal data collected by NATROLIVE is used in accordance with UK data protection legislation.
Users should be aware that if they access other websites, using the links provided, these are outside our control. If they provide personal data to other companies, the privacy policies of those companies determine the uses to which that information is put and the NATROLIVE Privacy Policy will no longer apply.
2. the data protection bill 2017
NATROLIVE complies with the principles of the Data Protection Bill 2017 in accordance with General Data Protection Regulations (GDPR).
3. PURPOSE OF DATA
The data we collect from clients is the data required to provide a professional service to clients and communicate with them. The data held by NATROLIVE is collected at the point of contact and includes name, surname, home address, email, phone number(s), DOB, GP contact details, health information including previous medical history, dietary, lifestyle, supplement and medicine details, biochemical test results, clinic notes and health improvement plans. We use this information in order to provide the client with direct healthcare. This means that the legal basis is for legitimate interest.
4. DISCLOSURES – SHARING OF DATA
Your data will be treated with strict confidentiality. We will only disclose your information with other third parties, such as your GP, with your consent, with the exception of the following categories of third parties:
- Our registrant body, GNC, and our professional association, ANP, for the processing of a complaint made by you.
- Any contractors and advisors that provide a service to us or act as our agents on the understanding that they keep the information confidential.
- Anyone to whom we may transfer our rights and duties under any agreement we have with you.
- Any legal or crime prevention agencies and/or to satisfy any regulatory request (eg, GNC) if we have a duty to do so or if the law requires us to do so
We may share your information with supplement companies and biochemical testing companies as part of providing you with direct healthcare. We will not include any sensitive information.
We will seek your express consent before sharing your information with your GP or other healthcare providers. However, if we believe that your life is in danger then we may pass your information onto an appropriate authority (such as the police, social services in the case of a child or vulnerable adult, or GP in case of self-harm) using the legal basis of vital interests.
We may share your case history in an anonymised form with our peers for the purpose of professional development. This may be at clinical supervision meetings, conferences, online forums, and through publishing in medical journals, trade magazines or online professional sites. We will seek your explicit consent before processing your data in this way. Data is shared internally with administrators for the purpose of verifying payments and refunds.
5. LEGACY DATA
Your data will be kept for 7 years after the date of your last consultation, as legally required. For children it will be kept for 7 years after they reach the age of consent.
6. DEVICE SPECIFIC DATA
The following information may be collected through your device and browser:
Your devices IP address (collected and stored in an anonymized format)
Your email address including first name and surname
Device screen size
Device type (unique identifiers) and browser information
Geographic location (country only)
Preferred language used to display the webpage
7. DIGITAL LOG DATA
Our servers automatically record information which is created using our software. Data includes:
Referring domain
Pages visited
Geographic location (country only)
Preferred language used to display information
Date and time when pages were accessed or created
8. CONSENT
Using NATROLIVE services is an optional process. By providing your contact details, you consent to receive information relating to the activities of NATROLIVE in the form of: receiving news/blog posts, to remind you about your appointment, to inform you of any changes, in the event that we may move location or change our number, to remind you about payment of consultation, supplements or biochemical testing, to communicate your nutrition and lifestyle plan.
9. OPTING OUT
You may unsubscribe from receiving mailings and communications. Users can choose to opt out at any time by clicking the opt-out button at the bottom of mailings or emailing NATROLIVE (olivia@natrolive.com) directly with a request to opt out.
10. USE MADE OF PERSONAL INFORMATION
Personal information provided to NATROLIVE will be used for the purposes of providing services to our clients. Any personal information which is collected by NATROLIVE will be used by NATROLIVE only in accordance with current data protection legislation.
In addition, personal information may be used for statistical analysis.
Personal data will be collected and processed by NATROLIVE for the following purposes:
(1) To deliver nutritional therapy and lifestyle support
(2) Administration
(3) To validate and confirm your details
(4) For referral (with your express consent) to external parties
(5) To process diagnostic tests
(6) To record complaints or misdemeanours.
Processing personal data for the above purposes may entail sharing the information with employees, contractors, agents and professional advisors and services providers of NATROLIVE.
Written agreements exist between NATROLIVE and such parties that there must be no further disclosure of such personal data.
11. CONSENT
By providing personal data to NATROLIVE users consent to the processing of such data by NATROLIVE as described in this Privacy Policy.
12. VERIFYING, UPDATING AND AMENDING YOUR PERSONAL INFORMATION
If, at any time, you want to verify, update or amend your personal data, please send an email with the details to: olivia@natrolive.com.
Verification, updating or amendment of personal data will take place within 10 working days.
13. STORAGE OF PERSONAL DATA
Data is fully backed up and stored in a secured, encrypted database. Payments are processed according to the requirements of 12.9 PCI DSS v3.2 in accordance with PCI security standards.
14. COOKIES
A “cookie” is a small text file that is placed on a user’s computer hard drive by a website. There are several types of cookie and the most common are often referred to as ‘session’ cookies. These are used to keep track of information needed by a user as they travel from page to page within a website. These cookies have a short lifetime and expire within a few minutes of the user leaving the site.
Other types of cookies can be used to track internet activity after the user has left a website. These are usually sponsored by organisations external to the website being visited and are generally known as ‘third party’ cookies. These usually have a long lifetime with several months being quite common. They are ‘harvested’ and ‘refreshed’ whenever the user visits a page where the same or a similar cookie is being used.
NATROLIVE uses benign, short-lived ‘session’ cookies to tell whether a website user has logged in, where to find details that can be used to pre-fill parts of online forms and to personalise the user’s visit to the website.
NATROLIVE cookies do not analyse visits to other websites or any searches undertaken whilst on the NATROLIVE website.
Internet browsers normally accept cookies by default; however, it is possible to set a browser to reject cookies. If this is done it is important not to exclude the benign and useful session cookies. Choose an option that rejects all third party and long-lived cookies.
NATROLIVE uses cookie free technology that uses Internet Protocol (IP) information exchanged during the course of normal web activity combined with data enhancement technology to get detailed analytics information.
16. LINKS TO THIRD PARTY WEBSITES
This Privacy Policy applies solely to the personal data collected by NATROLIVE and does not apply to third party websites.
NATROLIVE is not responsible for the privacy policies of third party websites. NATROLIVE advises users to read the privacy policies of other websites before registering any personal data.
17. SECURITY
NATROLIVE holds your personal data in accordance with the security provisions of the UK data protection legislation.
If you have any questions about security please email olivia@natrolive.com.
18. NOTIFICATION OF CHANGES
NATROLIVE will notify all users of any changes it makes to its Privacy Policy. If NATROLIVE decides to change its Privacy Policy, it will post such changes on this page so that you are always aware of how NATROLIVE uses your personal data.
Users have the right to ask NATROLIVE, in writing, for a copy of all the personal data held about them upon payment of a fee (“subject access request”) and to request that NATROLIVE correct any inaccuracies in that information.
19. YOUR RIGHTS OVER YOUR DATA
You have the right to rectify, amend, correct or erase your data except where there is a legal basis for refusal.