Gift of Health is committed to ensuring your personal information is protected. This privacy notice describes how Gift of Health, the data controller, collects, uses and protects your information. Gift of Health LLC, 313 Talbot Boulevard, Chestertown MD 21620 USA is the data controller. Our representative in the EU is Red Arrow, Unit 9, Romsey Industrial Estate, Greatbridge Road, Romsey SO51 0HR, United Kingdom and they are registered with the UK’s Information Commissioner’s Office.
How we collect your information
The information we hold about you comes from the way you engage with us such as if you enquire about our products or services or place an order. We collect information online through our website, via email, the post, over the phone and during discussions with you.
The type of information we hold
The information we hold includes:
- Personal information - name, date of birth, home address, contact telephone numbers, email addresses.
- Financial information - bank details and payment cards.
- Transaction history - records of our financial transactions and our interactions, meetings etc.
How we use your information
We process your information for the following lawful reasons:
- Where you have ordered goods from us we process your personal information to fulfil the contract between us.
- We will use your information for the legitimate interest of sending you marketing information about our products. We do this as it is necessary we promote our business to customers, but we will always offer you the right to opt-out of future communications.
- We will share your information with our group companies for the legitimate interest of sending you marketing information by post about similar products. We do this as it is necessary we promote our business to customers, but we will always offer you the right to opt-out of future communications.
- We process your personal informationfor the legitimate interest of providing you with information on the progress of your order and updates on your account.
Storing your information
Your personal information will be stored on systems owned or operated by Gift of Health or those of our specific suppliers and will be stored inside the European Economic Area (EEA), countries approved by the EU and countries not approved by the EU. Where your information is processed in countries not approved by the EU, our contracts with our suppliers include the EU model clauses for data protection.
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. We restrict access to your personally identifying information to employees who need to know that information in order to operate, develop or improve our services.
When you enter credit card information in relation to a purchase made on the Gift of Health website you will be directed to one of our secure payment gateway providers approved by our bank. In this case, it will be City Pay. The secure servers ensure that all details are encrypted at your browser before they are sent to our Payment Gateway Provider through the Internet.
We do not hold credit card information that you submit through the website as this information is sent directly to our bank approved Payment Gateway Provider.
Who we will share your information with
We will not sell or swap your information with any third party. We will however share your information with:
- Tax authorities to comply with legislation governing contract law.
- Our suppliers in the supply chain who are involved in delivering services.
- Our suppliers who manage some of our Marketing, Web Services and IT Services.
- Another supplier of premium health products, Health, who will offer you opportunities to purchase similar products by post only.
Our suppliers are bound by UK privacy law and the terms of the contracts include the enhanced General Data Protection Regulation terms and clauses. Gift of Health is also bound by the UK Data Protection Act 2018 and the General Data Protection Regulation.
We will retain your personal information in accordance with legal and regulatory requirements. In the case of transaction and account information, we retain your information for 5 years after the last purchase.
How you can access your information
You have the right to request access to the information we hold about you. To make a request for your personal information,please contact the Privacy Manager at firstname.lastname@example.org,or contact the customer services team on 0845 020 0069 or write to Gift of Health, Unit 9, Romsey Industrial Estate, Greatbridge Road, Romsey SO51 0HR.
You have the right to:
- object to processing of personal data that is likely to cause, or is causing, damage or distress;
- have inaccurate personal data rectified or updated;
- request your information to be deleted or destroyed and if we can we will but sometimes we must maintain some records for legal reasons.
If you are not happy how we are using your information or how we have responded to your request, you have the right to complain to the Information Commissioner’s Office at www.ico.org.co.uk.
How we will tell you about future changes to this privacy notice
Any changes we make to our privacy notice will be put on our website. Please check for updates from time to time so you are always fully aware of what information is collected and how it is used.
How to contact us
If you have any questions or concerns about our use of your personal information, please contact the Privacy Manager at email@example.com,or contact the customer services team on 0845 020 0069 or write to Gift of Health, Unit 9, Romsey Industrial Estate, Greatbridge Road, Romsey SO51 0HR.