2. The Data Protection Bill 2017
EPTO Nutrition Ltd complies with the principles of the Data Protection Bill 2017 in accordance with General Data Protection Regulations (GDPR).
3. Purpose of data
The data we collect from users is the data required to provide professional services to users and communicate with users.
The data held by EPTO Nutrition Ltd is collected through contact forms and subscribing and includes name, surname, home address, email, phone number(s) and website
4. Disclosures - Sharing of data
We may disclose your personal information (including to trusted third parties) for the purposes for which is primarily held or for a related secondary purpose and in some cases we may disclose information without your consent. Your personal and sensitive information may be disclosed to EPTO Nutrition Ltd employees, EPTO Nutrition Ltd representatives, service providers we use to deliver aspects of our service such as database or email software facilities.
Data is shared upon request on behalf of a member with external companies that provide practitioner services.
Data is shared internally with administrators for the purpose of verifying payments and refunds.
5. Legacy data
Users of EPTO Nutrition Ltd details are kept on record for up to 3 years.
6. Device specific data
The following information may be collected through your device and browser:
· Your devices IP address (collected and stored in an anonymized format)
· Your email address including first name and surname
· Device screen size
· Device type (unique identifiers) and browser information
· Geographic location (country only)
· Preferred language used to display the webpage
7. Digital Log data
Our servers automatically record information which is created using our software. Data includes:
· Referring domain
· Pages visited
· Geographic location (country only)
· Preferred language used to display information
· Date and time when pages were accessed or created
EPTO Nutrition Ltd users is optional. By using our website EPTO Nutrition Ltd, users consent via their application to receive information relating to the activities of EPTO Nutrition Ltd in the form of newsletters, regulatory updates, upcoming seminars, webinars, events, training, special offers and information relevant to the profession.
9. Opting out
Opt out mechanisms are in place on all EPTO Nutrition Ltd mailings and communications. Users can choose to opt out at any time by clicking the opt-out button at the bottom of mailings or emailing EPTO Nutrition Ltd directly with a request to opt out.
10. Use Made of Personal Information
Personal information provided to EPTO Nutrition Ltd will be used for the purposes of providing services to our users. Any personal information which is collected by EPTO Nutrition Ltd will be used by EPTO Nutrition Ltd only in accordance with current data protection legislation.
In addition, personal information may be used for statistical analysis.
Personal data will be collected and processed by EPTO Nutrition Ltd for the following purposes:
(1) To assess your health conditions
(2) To prescribe health plans
(4)To validate and confirm your status (at your request) to external companies
(5)To record complaints or misdemeanours.
Processing personal data for the above purposes may entail sharing the information with employees, contractors, agents and professional advisors and regulators of EPTO Nutrition Ltd.
Written agreements exist between EPTO Nutrition Ltd and such parties that there must be no further disclosure of such personal data.
12. Verifying, updating and amending your personal information
If, at any time, a user wants to verify, update or amend their personal data they may write to:
42 Great Oak Square
07827 915 872
Verification, updating or amendment of personal data takes place within 10 working days
13. Storage of personal data
Data is stored in a secured, encrypted, cloud based database. Payments are processed according to the requirements of 12.9 PCI DSS v3.2 in accordance with PCI security standards.
14. Processing of data
Personal and financial data is processed and handled via Amazon Web Services (AWS), the world’s largest cloud provider with recognised certifications and audits PCI DSS Level 1, ISO 27001, FISMA Moderate, FedRAMP, HIPAA and SOC 1, SOC 2 and SOC 3 audit reports.
All personal data is fully backed up and stored in highly secure AWS data centres with 24/7 infrastructure monitoring, with immediate notification and recovery in place in the event of a data breach.
A “cookie” is a small text file that is placed on a user’s computer hard drive by a website. There are several types of cookie and the most common are often referred to as ‘session’ cookies. These are used to keep track of information needed by a user as they travel from page to page within a website. These cookies have a short lifetime and expire within a few minutes of the user leaving the site.
Other types of cookies can be used to track internet activity after the user has left a website. These are usually sponsored by organisations external to the website being visited and are generally known as ‘third party’ cookies. These usually have a long lifetime with several months being quite common. They are ‘harvested’ and ‘refreshed’ whenever the user visits a page where the same or a similar cookie is being used.
EPTO Nutrition Ltd uses benign, short lived ‘session’ cookies to tell whether a website user has logged in, where to find details that can be used to pre-fill parts of on-line forms and to personalise the user’s visit to the website.
EPTO Nutrition Ltd cookies do not analyse visits to other website or any searches undertaken whilst on the EPTO Nutrition Ltd website.
Internet browsers normally accept cookies by default; however, it is possible to set a browser to reject cookies. If this is done it is important not to exclude the benign and useful session cookies. Choose an option that rejects all third party and long lived cookies.
EPTO Nutrition Ltd uses cookie free technology that uses Internet Protocol (IP) information exchanged during the course of normal web activity combined with data enhancement technology to get detailed analytics information.
16. Links to Third Party Websites
EPTO Nutrition Ltd is not responsible for the privacy policies of third party websites. EPTO Nutrition Ltd advises users to read the privacy policies of other websites before registering any personal data.
EPTO Nutrition Ltd holds your personal data in accordance with the security provisions of the UK data protection legislation.
If you have any questions about security please contact EPTO Nutrition Ltd on 07827915872
18. Notification of Changes
Users have the right to ask EPTO Nutrition Ltd, in writing, for a copy of all the personal data held about them upon payment of a fee (“subject access request”) and to request that EPTO Nutrition Ltd correct any inaccuracies in that information.
19. Your rights over your data
You have the right to rectify, amend, correct or erase your data except where there is a legal basis for refusal.