Feel free to email us at: email@example.com if you have questions or concerns.
Contents of this Policy:
We are registered as a limited company in the UK as OptimallyMe Ltd and refer to ourselves in the first person throughout this policy. Our company registration number is 14482137 and our registered office is The Leadenhall Building, 122 Leadenhall Street, London EC3V 4AB. We are registered with the UK Information Commissioner's Office (registration number: ZB530103 ). OptimallyMe Ltd is the controller of your personal information and is responsible for protecting the personal information we hold about you. Our parent company is OptimallyMe S.A., based in Geneva, Switzerland (company number CHE-377.187.113)
If you have any questions or concerns, you can contact our Data Protection Officer by post at: The Leadenhall Building, 122 Leadenhall Street, London EC3V 4AB or by email at:firstname.lastname@example.org
Personal information is the term we use to describe information which we collect and which identifies you (such as your name) or could indirectly identify you (such as an IP address or other online identifier).
We have personal information about you that you have given us; personal information about you that we collect from your device and personal information about you that we obtain from other sources. In this section, we explain what personal information we have about you.
A. Information you give to us (e.g. on contact forms, questionnaires or when setting up accounts)
If you ask us to delete your contact details or account details, we may no longer be able to provide our services to you.
B. Information we collect automatically when you visit our Website
C. Information generated by our services
The types of personal information that we receive as a result of our services may include the following special categories of personal data:
We will only collect these types of special categories of information with your explicit consent. Please remember that if you choose to withdraw your consent to our processing of these categories of information, we may be unable to provide our services to you.
The nature of what we do at OptimallyMe means that if you opt to use our services through a business-to-business customer of ours - we may receive personal information about you from our business customers, suppliers and subcontractors (for example, doctors, laboratories and nutritionists).
D. Information we receive from sources other than those in C. above
Please contact us at: email@example.com if you are aware that we may have inadvertently collected personal information from a child.
We use your personal information for different purposes, but in all cases, we must have a legal basis for doing so. When we use your "special categories of personal data" we need an additional legal basis.
These are the legal bases for which we use your information:
Additional Legal Basis – to justify the use of "special categories of personal data" for these purposes
To contact you (including by email or post) with information about our products and services which either you request, or which we feel will be of interest to you.
To analyse how you use our products and services.
To provide you with targeted marketing.
To allow you to access and use our Website and to register for an account.
To provide you with the information, products and services that you request from us.
To notify you about changes to our services and to keep you informed about our fees and charges.
To do things necessary for our business, such as pursuing debts or ensuring the security of our services and Website.
To carry out statistical analysis and market research.
To carry out marketing, advertising and promotions.
To improve and maintain our Website, prepare reports or compile statistics in order to improve our services.
To detect or prevent fraud.
We do not need to use your "special categories of personal data for these purposes
To comply with our legal, accounting, regulatory and tax obligations.
To establish, defend or exercise our legal rights.
Defence of legal claims
We will only share your personal information with other organisations after careful consideration and only when we have a legitimate reason. We may share your personal information with the following categories of third parties:
If we share your personal information with third parties, they will only legally be able to use it for the purpose of providing services to us. We make sure that third parties we share personal information with follow equivalent privacy and security procedures to our own to protect your information.
We may anonymise and aggregate your data to create health reports and statistics. We may also share anonymised and aggregated data with third parties for several purposes including but not limited to marketing and academic research. None of these anonymised, aggregated reports or statistics will enable you to be personally identified.
Finally, we may also disclose your personal information to third parties in certain exceptional circumstances as follows:
Except for what is written in this policy, we will never share any of your personal information with any third party without notifying you and/or getting your consent. If you do consent and later change your mind, you can remove consent and therefore our permission to use this information. See section 6 below for your rights to withdraw consent.
We keep your personal information for no longer than necessary for the purposes for which the personal information is processed. The length of time for which we retain personal information depends on the purposes for which we collect and use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights. As soon as there is no longer any need for us to hold your personal information, we will delete it or, in some cases, anonymise it so you can no longer be identified from it.
Reason for the retention period
Personal data, including customer names,
5 years after the last purchase
Subscription test records
5 years after the last purchase
5 years after the last purchase
Account correspondence (notes, complaints, purchase history)
6 years after the last purchase
Limitation Act 1980
You can contact us by email at: firstname.lastname@example.org at any time, to request that we:
Please note that many data subject rights are not absolute and the extent to which they apply may vary depending on the circumstances and any exemptions that may apply. If you would like to exercise any of your data subject rights, please contact us at: email@example.com. We will consider all such requests and provide our response within a reasonable period (and in any event within one month of your request unless we tell you we are entitled to a longer period by law).
All EEA countries (the EU, Norway, Iceland and Liechtenstein) provide an adequate level of data protection allowing the free transfer of personal information between the UK and any of those countries.
We process the personal information we collect at our offices in London, but we may transfer your personal information outside the UK or the EEA to our third-party providers listed immediately below:
Our responsibility to you
At OptimallyMe, we have physical, electronic and managerial procedures in place to protect and secure the information we collect. We are committed to protecting personal information from loss, misuse, disclosure, alteration, unauthorised access and destruction and we take all reasonable precautions to safeguard the confidentiality of personal information. This includes appropriate entry controls to our premises, multi-factor authentication for all accounts relating to production data
We make every effort to protect your personal information. However, there is always an inherent risk, beyond our control, in sending information over the Internet. If we do ever encounter any online data breaches, we commit to taking prompt action to resolve the situation to protect your information.
We use Shopify Payment, Stripe and Paypal for payment transactions and so do not hold payment or payment card data
(except for the last 4 digits).
Your responsibility to us
Where we have given you (or where you have chosen) a password which enables you to access your online account, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.