Wellthiness Privacy Policy

Who we are

Our website address is: https://wellthiness.com.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

You are under no obligation to provide any personal information in the contact forms . However if you choose to withhold request information, we may not be able to provide you with certain service.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content or links from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. 

We do not accept any responsibility or liability for these external sites and /or their privacy policies and would advise that you check thees websites’ policies before submitting any personal information on them. 

Analytics

Who we share your data with

We do not and will not sell any of your personal data to any third party. This includes your name, address, email address or credit information. We do however share your data in the ways outlined below as an essential part of being able to provide our services to you.

All the information we collect via the Site, or through correspondence (including emails, telephone calls and social media) with you is used to operate, improve and tailor the service we offer you. We only use your personal data for:

Passing on your orders to your chosen Wellthiness practitioner(s) so they can supply services to you and for customer administration.
Verifying details of your payment method or credit card account.
Planning and managing Wellthiness’s business activities, including analysis of customers’ shopping habits, success of advertisements and push notifications and product and preferences of our customers.
Collecting market research.
Informing you about offers, news and products from practitioner stores on our site.
Informing you about offers and news from Wellthiness.
Providing you with information about the services we offer.
Advertising and marketing our services to you through other platforms on the internet (e.g. Facebook)
Analysing the technical administration of our website.

Only employees, our partners and any third party service providers who need information to perform a specific job are granted access to personally identifiable data. At all other times we will anonymise and aggregate personal information so that you are not identifiable.


When We May Share Your Data

We may share some of your data with others in the following situations:

We may instruct third party service providers to assist in business operations. These third parties will have signed up to our service agreements which will clearly dictate that they may only use your information in connection with the services they perform for us.
If we sell our business, our data records form part of our business. You will be notified of this if it occurs and we will use our reasonable endeavours to ensure that the new owners follow this Privacy Policy.
We may instruct outside research companies to contact you directly for your opinions on our service, and our practitioners’ products and services. In this situation we will provide them with only the information they need to complete this task.
If during a police or a regulatory or government authority investigation we are requested to provide information concerning your activities in connection with us and the site, we will not hesitate to do so.
We may exchange information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Anonymous Data

Whilst browsing our site some anonymous data is also collected for analytical purposes, this is so we can improve the user experience for our customers and / or practitioners. The system used to collect this data is provided by Google and no personally identifiable information is collected. Some of the data the system does collect includes (but is not limited to):

The search term you used to find our site through search engines
Your geographical location
The technology you are using to access this site (mobile/desktop, browser, screen resolution etc.)
Length of time on site
Pages visited
Forms submitted
Some of this information may be used for marketing purposes by Wellthiness.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Your contact information

We use this to send you information by email, SMS, WhatsApp, or post, about our new products and services. We do this to keep you up to date. We will only contact you and send this to you with your permission.

Additional information

Your contact history with us , for example if we have spoken via email, on social media, phone etc is used so that we can provide customer service and support so that we excel in giving you the best possible customer service.

Personal data may transferred by us to practitioners who are situated outside of the UK and the European Economic Area. As such the data will be processed by our partners located outside of the jurisdiction of the GDPR. Where this personal data transfer takes place we will provide training and guidance and require all of our practitioners to sign up to our privacy policy and thus process your information ensuring your personal privacy is protected to the same standard as it would within the UK and EEA.

What data breach procedures we have in place

We think the security of your personal information on our site is essential . As such we have security measures in place in order to attempt to protect against any loss, misuse or alteration of the personal information we have on our site. Our security steps and policy as a whole are regularly reviewed and amendments or additions made as necessary. This is in an attempt to limit only authorised employees, agents, contractors, and third parties gaining access to your personal information who work on a need to know basis. These parties will process your personal information as per this policy and as such are subject to doing so confidentially. 

If there are any suspected data breaches, we will notify you and if legally required we will inform the ICO of the breach.

If we make significant changes to our privacy and cookie policy to ensure continued security of your personal information we will highlight that clearly on our website and /or other communication platforms as well as email. This then gives you the opportunity to revisit this page and note the amendments/additions before contain g your use of the site.

Transfer of Information

We will do our best to protect your personal data, but we cannot ensure or warrant the security of any data you transmit to us, and any transmission you do is at your own risk. Once we receive your transmission, we make our best effort to ensure the security of it on our systems and we use strict procedures and security features to try to prevent unauthorised access. We take due precautions to protect your information, and all personal information stored by us is kept on an external server in a secure environment.

Unfortunately, the transmission of information via the Internet is not a completely secure medium. We are unable to guarantee the security of any information you send to us and that we may send to you via the Internet. We are not responsible for any damages which you, or others, may suffer as a result of the loss of confidentiality of such information and any such submission is at your own risk.

Together We Protect Your Information

Please keep in mind that whenever you voluntarily disclose personal information online in non-protected environments – for example on message boards, on social media, through email, that information can easily be collected and used by others. If you post personal information online that is readily accessible to the public, you may also receive unsolicited messages in return from other parties. Good internet habits include but are not limited to, closing your browser window when you have finished and not using the servers remember password facility. This way others cannot readily access your information and content if you share a computer with someone else or if are using a public computer.

How we protect your data

Your personal data which we collect is stored on secure servers in the UK in order to process the information. Our staff and partners are trained on GDPR and must agree to processing your personal information in line with this privacy policy.

Industry regulatory disclosure requirements

Privacy Policy Notice

The policy: This privacy policy notice is served by Wellthiness  Limited. Registered address  Kemp House , 160 City Road, London, EC1V 2NX for the website;  www.wellthiness.com.The purpose of this policy is to explain to you how we control, process, handle and protect your personal information through the business and while you browse or use this website. If you do not agree to the following policy you may wish to cease viewing / using this website, and or refrain from submitting your personal data to us.

Policy key definitions:

  • “I”, “our”, “us”, or “we” refer to the business, [Business name & other trading names].
  • “you”, “the user” refer to the person(s) using this website.
  • GDPR means General Data Protection Act.
  • PECR means Privacy & Electronic Communications Regulation.
  • ICO means Information Commissioner’s Office.
  • Cookies mean small files stored on a users computer or device.

Key principles of GDPR:

Our privacy policy embodies the following key priciples; (a) Lawfullness, fairness and transpatrency, (b) Purpose limitation, (c) Data minimisation, (d) Accurancy, (e) Storage limitation, (f) Integrity and confidence, (g) Accountability.

Processing of your personal data

Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically using the following lawful bases.

We are registered with the ICO under the Data Protection Register, our registration number is ZA558232

  •  
  • Lawful basis: Consent & Contract
    Where our purpose for processing is: To register you as a potential customer
    Which is necessary because: Performing a service and contract with you.
    We process your information in the following ways: On a mailchimp list
    Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists or if you unsubscribe.
    Sharing your information: We do share your personal information with third parties and they include; mail chimp.
  • Lawful basis: Consent & Contract & Legitimate Interests
    Where our purpose for processing is: To register you as a potential practitioner
    Which is necessary because: To carry out an assessment of you as a practitioner for our legitimate interests of ensuring our practitioner standards are met. May lead to us performing a service and contract with you. 
    We process your information in the following ways: On a mailchimp application form.
    Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists or if you unsubscribe.
    Sharing your information:  We do share your personal information with third parties and they include; Mailchimp.
  • Lawful basis: Consent & Contract
    Where our purpose for processing is: To register you as a potential affiliate
    Which is necessary because: Performing a service and contract with you.
    We process your information in the following ways: On a mailchimp list
    Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists or if you unsubscribe.
    Sharing your information: We do share your personal information with third parties and they include; mail chimp.
  • Lawful basis: Consent & Contract
    Where our purpose for processing is: To register you as a potential investor
    Which is necessary because: Performing a service and contract with you.
    We process your information in the following ways: On a mailchimp list
    Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists or if you unsubscribe.
    Sharing your information: We do share your personal information with third parties and they include; mail chimp.
  • Lawful basis: Consent & Contract
    Where our purpose for processing is: Managing your queries as customer service, this may include making notes or email/message/ face to face/ whatsapp correspondence.
    Which is necessary because: Performing a service and contract with you.
    We process your information in the following ways: On a CMS system .
    Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists or if you unsubscribe.
    Sharing your information: / We do share your personal information with third party service providers and they include; Trello /Pipedrive.
  • Lawful basis: Consent & Contract & Legitimate interest.
    Where our purpose for processing is: To carry out background checks on practitioners.
    Which is necessary because: Performing a service and contract with you and to ensure that we have legitimate practitioners.
    We process your information in the following ways: Checking on public databases and companies house.
    Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists.
    Sharing your information: We do not share your information with third parties..
  • Lawful basis: Consent & Contract & Legitimate interest.
    Where our purpose for processing is: To notify you about our legal obligations, changes to our business or updated policies etc.
    Which is necessary because: Performing a service and contract with you and we have a legitimate interest to keep you informed.
    We process your information in the following ways:  Contact via email.
    Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists or if you unsubscribe.
    Sharing your information: We do share your personal information with third parties and they include; mailchimp.
  • Lawful basis: Consent & Legitimate interest.
    Where our purpose for processing is: To administer and maintain the website and our business.
    Which is necessary because: For our legitimate interests to troubleshoot, analyse , maintain, report, host and support data for the running of our business.
    We process your information in the following ways: Performing tasks related to the upkeep of the business.
    Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists or if you unsubscribe.
    Sharing your information: We do share your personal information with third parties and they include; web development team, web hosting provider, server team, software providers, google analytics.
  • Lawful basis: Consent & Legitimate interest.
    Where our purpose for processing is: To deliver relevant marketing campaigns and material.
    Which is necessary because: To understand and analyse our internal and external customers use our products and services in order to develop and grow and inform our business. 
    We process your information in the following ways: Performing tasks related to the upkeep of the business.
    Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists or if you unsubscribe.
    Sharing your information: We do share your personal information with third parties and they include; marketing team, facebook ads, pixel, google analytics, google adwords.
  • Lawful basis: Consent & Legitimate interest.
    Where our purpose for processing is: To use data analytics to improve the website both front and back end.
    Which is necessary because: For our legitimate interests to provide a seamless and problem free customer experience.
    We process your information in the following ways:  Performing analysis of data from third party and in-house cookies to ensure the smooth running of the website.
    Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists or if you unsubscribe.
    Sharing your information: We do share your personal information with third parties and they include; google analytics, facebook pixel.

If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.

Your individual rights

Under the GDPR your rights are as follows. You can read more about your rights in details here;

  • the right to be informed;
  • the right of access;
  • the right to rectification;
  • the right to erasure;
  • the right to restrict processing;
  • the right to data portability;
  • the right to object; and
  • the right not to be subject to automated decision-making including profiling.

You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.

We handle subject access requests in accordance with the GDPR.

Internet cookies

We use cookies on this website to provide you with a better user experience. We do this by placing a small text file on your device / computer hard drive to track how you use the website, to record or log whether you have seen particular messages that we display, to keep you logged into the website where applicable, to display relevant adverts or content, referred you to a third party website.

Some cookies are required to enjoy and use the full functionality of this website.

We use a cookie control system which allows you to accept the use of cookies, and control which cookies are saved to your device / computer. Some cookies will be saved for specific time periods, where others may last indefinitely. Your web browser should provide you with the controls to manage and delete cookies from your device, please see your web browser options.

Cookies that we use are;

  • Site Functionality cookies – so that you can navigate the site and use the site features. For example logging into the site. These are Wellthiness strictly necessary ones.
  • Analytical or Performance cookies– so that we can measure and analyse our site visitors use of the website. This enables us to improve the functionality and user experience on the site. These are Google analytics and Mailchimp.
  • Customer functionality cookies- these enable us to remember your preferences and personalise your shopping experience. These are Wellthiness.
  • Advertising or targeting cookies- these deliver relevant ads to you. These include, Google Adwords, Bing, Yahoo, Facebook .

By using our website , you agree to us placing these types of cookies on your device. Some of these cookies are set by us and others are by third parties who are working on our behalf for example google.

If you want to delete or disable any cookies you will need to access the setting of your website browser and either manually delete them or set the browser to automatically reject cookies. By disabling or rejecting cookies , the website may not work properly.

Data security and protection

We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.

Fair & Transparent Privacy Explained

We have provided some further explanations about user privacy and the way we use this website to help promote a transparent and honest user privacy methodology.

Sponsored links, affiliate tracking & commissions

Our website may contain adverts, sponsored and affiliate links on some pages. These are typically served through our advertising partners; Google Adsense, eBay Partner Network, Amazon Affiliates, or are self served through our own means. We only use trusted advertising partners who each have high standards of user privacy and security. However we do not control the actual adverts seen / displayed by our advertising partners. Our ad partners may collect data and use cookies for ad personalisation and measurement. Where ad preferences are requested as ‘non-personalised’ cookies may still be used for frequency capping, aggregated ad reporting and to combat fraud and abuse.

Clickable sponsored or affiliate links may be displayed as a website URL like this; www.jamieking.co.uk/blog/welcome.php or as a titled text link like this: How To Start A Blog.

Clicking on any adverts, sponsored or affiliate links may track your actions by using a cookie saved to your device. You can read more about cookies on this website above. Your actions are usually recorded as a referral from our website by this cookie. In most cases we earn a very small commission from the advertiser or advertising partner, at no cost to you, whether you make a purchase on their website or not.

We use advertising partners in these ways to help generate an income from the website, which allows us to continue our work and provide you with the best overall experience and valued information.

If you have any concerns about this we suggest you do not click on any adverts, sponsored or affiliate links found throughout the website.

Email marketing messages & subscription

Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal data” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.

Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.

Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences, you can also  unsubscribe from all MailChimp lists, by following this link, otherwise contact the EMS provider.

Our EMS provider is; MailChimp We hold the following information about you within our EMS system;

  • Email address
  • I.P address
  • Subscription time & date
  • Phone number

Unsubscribe

If you no longer wish:

to receive any further email messages, post
to receive other communications from us
to be contacted by other companies who you previously permitted us to provide your details to

You may change your communication preferences in your Wellthiness account and email us at hello@wellthiness.com to notify us that you wish to unsubscribe.

Changes to Privacy Policy

We reserve the right to change our privacy policy, whilst of course keeping it within all relevant legislation and guidelines. We will do all we can to ensure that these pages show the most up to date information at all times, and may notify you of such changes by uploading the revised privacy policy on the Wellthiness website.

Our Practitioners’ Privacy Policies

Our practitioners are also bound by the same legislation as us. If they gather and keep your information, they must give you relevant information about their policy, and give you the opportunity to opt in or out of certain ways in which they might use that information. When you place an order with any practitioner on Wellthiness, the personal details that you submit at registration will by necessity be forwarded onto them along with the order. If you wish, you will need to verify the practitioner’s privacy policy directly with them.

We are not responsible and do not warrant or guarantee that the privacy policies, of any practitioner, or any other companies that your personal information is passed to in accordance with this Privacy Policy, comply with data protection legislation. We are not responsible for any damages which you or others may suffer as a result of the loss of confidentiality of such information.

Revised June 2020