This document outlines how The Health Heroine Ltd collects data, how it is used, who we may share that information with and how we keep it secure. It works hand-in-hand with the Terms and Conditions of Use, found on this website.
We keep our Privacy Notice under regular review. This Privacy Notice was last reviewed in May 2018.
We are registered with the Information Commissioner’s Office (ICO). Our Registration Number is: z3508019. For more information, visit the ICO website. ICO website.
For the purposes of the Data protection Act 1998, the Data Controller is The Health Heroine Ltd of 39 Elmfield Gardens, Newcastle upon Tyne, Tyne and Wear, United Kingdom, NE3 4XB, (email address: firstname.lastname@example.org).
Please read this Policy carefully before sharing any personally identifiable information.
What we do
The Health Heroine Ltd provides nutritional therapy services to clients to improve their health through diet and lifestyle interventions. We focus on preventative healthcare, the optimisation of physical and mental health and chronic health conditions. Through nutritional therapy consultations, dietary and lifestyle analysis and biochemical testing, we aim to understand the underlying causes of your health issues which we will seek to address through personalised dietary therapy, nutraceutical prescription (supplements) and lifestyle advice.
Other services we provide are seminars, webinars, workshops and retreats.
What personally identifiable information is obtained by The Health Heroine Ltd?
You provide us with personal data in the following ways:
- By completing a nutritional therapy questionnaire
- By signing a terms of engagement form
- During a nutritional therapy consultation
- Through email, over the telephone or by post
- By booking an online appointment via our online booking system
- By taking credit card and online payment
- By using, registering or placing an order on this website at http://www.thehealthheroine.com
This information may include the following:
- basic details such as name, address, contact details and next of kin
- details of contact we have had with you such as referrals and appointment requests
- health information including your previous medical history, dietary, lifestyle, supplement and medicine details, biochemical test results, clinic notes and health improvement plans
- GP contact information
- bank details (via PayPal)
Additional information we may obtain is:
- Sensitive medical information in the form of test results from biochemical testing companies. We use this information in order to provide you with direct healthcare. This means that the legal basis of our holding your personal data is for legitimate interest.
- Sensitive information from other healthcare providers. The provision of this information is subject to you giving us your express consent. If we do not receive this consent from you, we will not be able to coordinate your healthcare with that provided by other providers which means the healthcare provided by us may be less effective.
- Technical data such as the IP address of the machine you use when using, registering or placing an order on this website. The Health Heroine Ltd will not collect such information from users while they use the web site unless they voluntarily provide it to us and authorise us to collect such information. Users may provide other information about themselves from which they can be identified.
How is the information used?
We use this information in order to provide you with direct healthcare. This means that the legal basis of our holding your personal data is for legitimate interest.
We act as a data controller for use of your personal data to provide direct healthcare. We also act as a controller and processor in regard to the processing of your data from third parties such as testing companies, supplement companies, other health providers and PayPal.
We undertake at all times to protect your personal data, including any health and contact details, in a manner which is consistent with our duty of professional confidence and the requirements of the General Data Protection Regulation (GDPR) concerning data protection. We will also take reasonable security measures to protect your personal data storage.
We may use your personal data where there is an overriding public interest in using the information e.g. in order to safeguard an individual, or to prevent a serious crime. Also, where there is a legal requirement such as a formal court order, search warrant, subpoena or to investigate suspected fraud or a violation of our Terms and Conditions of Use.
The Health Heroine Ltd may, from time to time, send newsletter, post surveys or requests for your feedback in order to help us make our web site and services better. Any responses we receive from users will be used only to evaluate our website and services and no personally identifiable information from respondents will be shared with any non-employees of The Health Heroine Ltd, except that information provided in the Feedback/Comments areas.
If you are chosen for a promotion or as a winner in a contest, you give The Health Heroine Ltd permission to use your name, image and other information about you, for marketing purposes.
We will never sell user information to any 3rd-party not affiliated with The Health Heroine Ltd, without your specific and unambiguous consent, except in connection with the sale or merger of The Health Heroine Ltd or the division responsible for such services provided.
What non-personally identifiable information does the Health Heroine Ltd collect and how is it used?
The Health Heroine Ltd collects and tracks certain non-personally identifiable information, including, but not limited to, IP numbers and browser type, access times, domain names, usage habits and other information which does not specifically identify any individual.
Do you share my information with other organisations?
We will keep information about you confidential. We will only disclose your information with other third parties with your express consent with the exception of the following categories of third parties:
- Our registrant body, CNHC and our professional association, BANT, for the processing of a complaint made by you
- Any contractors and advisors that provide a service to us or act as our agents on the understanding that they keep the information confidential
- Anyone to whom we may transfer our rights and duties under any agreement we have with you
- Any legal or crime prevention agencies and/or to satisfy any regulatory request (e.g., CNHC if we have a duty to do so or if the law allows us to do so)
We may share your information with supplement companies and biochemical testing companies as part of providing you with direct healthcare. We will not include any sensitive information.
We will seek your express consent before sharing your information with your GP or other healthcare providers. However, if we believe that your life is in danger then we may pass your information onto an appropriate authority (such as the police, social services in the case of a child or vulnerable adult, or GP in case of self-harm) using the legal basis of vital interests.
We may share your case history in an anonymised form with our peers for the purpose of professional development. This may be at clinical supervision meetings, conferences, online forums, and through publishing in medical journals, trade magazines or online professional sites. We will seek your explicit consent before processing your data in this way.
The information you provide to us may be accessed by or given to third parties who act for us for the purposes set out in this policy or for other purposes approved by you. Those parties process information, fulfil and deliver orders, process credit card payments and provide support services on our behalf.
You agree that we may disclose your identity and contact details to (1) any third party who claims to us that any material posted or uploaded by you to our site constitutes a violation of their intellectual property rights or their rights of privacy, and (2) to other companies and organisations for the purposes of fraud protection and credit risk reduction.
Finally, if The Health Heroine Ltd enters into a joint venture with or is sold to or merged with another The Health Heroine Ltd entity, your information may be disclosed to our new The Health Heroine Ltd partners or owners.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk.
Unless required to do so by law, we will not otherwise share, sell or distribute any of the information you provide to us without your consent.
How long do you maintain information?
Following completion of your healthcare we retain your personal data for the period defined by our professional association BANT and registrant body, CNHC. This enables us to process any complaint you may make. In this case the legal basis of our holding your personal data is for contract administration.
Does The Health Heroine Ltd have a newsletter?
The Health Heroine Ltd regularly sends out a Newsletter via email (hereinafter “Newsletter”) to all Users (unless they have ‘opted-out’). In these Newsletters, we may inform you about new features from The Health Heroine Ltd and about the upcoming week’s events or special promotions.
User may choose to unsubscribe from the Newsletter at any time by sending an email to Customer Service at email@example.com.
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org
To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.
The following is a summary of the types of cookies that are being used on this site, along with information on how you can block them.
|Cookie Type||Cookie File Names||Purpose||Active on this site||More Information|
|Essential Site Cookies||Various||Site cookies are essential to the operation of this website. They are usually set when you first visit the site and deleted when you close your browser. If blocked, this site will not operate correctly||No||n/a|
|CMS (Content Management System)||Various||Cookies are set by our CMS/Blog system when you first visit this site. These cookies are not used by The Health Heroine Ltd. These cookies are usually deleted when a user closes their browser||Yes||n/a|
|Google Analytics||_utma, _utmb, _utmc, _utmz||These cookies are used to collect information about how visitors use our site. The information is used to compile reports that let us improve the site. The information is collected in any anonymous form, including the number of visits to this site, how you arrived at the site, and which pages you visted.||Yes||You can opt-out of these cookies by following this link: http://tools.google.com/dlpage/gaoptout|
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
Is my information private with The Health Heroine Ltd merchants and advertisers?
The only Voluntary Information that may be shared between The Health Heroine Ltd and one of our partner web sites is that which pertains to information used in the furtherance of tracking an order and providing you with correct information regarding same.
Order information, including order numbers and amounts, may be available to The Health Heroine Ltd, affiliate merchants and 3rd-party affiliate program management companies, for accurate tracking purposes. The Health Heroine Ltd will not release this information to other parties unless you request it.
The Health Heroine Ltd provides banner and other advertising on its web site, from Google and other third parties, that may place and read cookies on your browser, or use web beacons to collect information in the course of advertisements being served. If you are concerned about your privacy regarding these advertisements, please refer to Google’s (or other third party) privacy policies.
What about data security? What safeguards are in place to ensure data that identifies me is secure?
We only use information that may identify you in accordance with GDPR. This requires us to process personal data only if there is a legitimate basis for doing so and that any processing must be fair and lawful.
Within the health sector, we also have to follow the common law duty of confidence, which means that where identifiable information about you has been given in confidence, it should be treated as confidential and only shared for the purpose of providing direct healthcare. We will protect your information, inform you of how your information will be used, and allow you to decide if and how your information can be shared.
We also ensure the information we hold is kept in secure locations, restrict access to information to authorised personnel only, protect personal and confidential information held on equipment such as laptops with encryption (which masks data so that unauthorised users cannot see or make sense of it). We ensure external data processors that support us are legally and contractually bound to operate and prove security arrangements are in place where data that could or does identify a person are processed.
We employ security measures to protect, so far as reasonably possible, your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. We will retain your information for a reasonable period or as long as the law requires or permits.
The Health Heroine Ltd requires that our advertisers and partners ensure the security of the data that users provide to them, however, in the event of a breach of their security measures, you agree that The Health Heroine Ltd will not be liable for any losses or damages.
The Health Heroine Ltd limits access to personal information about users to employees, for whom we reasonably believe it is necessary, in order to provide products or services.
May I see the information The Health Heroine Ltd collects about me?
Every individual has the right to see, amend, delete or have a copy, of data held that can identify you, with some exceptions. You do not need to give a reason to see your data.
If you want to access your data, you must make a subject access request in writing to firstname.lastname@example.org.
Under special circumstances, some information may be withheld. We shall respond within 20 working days from the point of receiving the request and all necessary information from you. Our response will include the details of the personal data we hold on you including:
- Sources from which we acquired the information
- The purposes of processing the information
- Persons or entities with whom we are sharing the information
You have the right, subject to exemptions, to ask to:
- Have your information deleted
- Have your information corrected or updated where it is no longer accurate
- Ask us to stop processing information about you where we are not required to do so by law or in accordance with the BANT and CNHC guidelines.
- Receive a copy of your personal data, which you have provided to us, in a structured, commonly used and machine readable format and have the right to transmit that data to another controller, without hindrance from us.
- Object at any time to the processing of personal data concerning you
We do not carry out any automated processing, which may lead to automated decision based on your personal data.
If you would like to invoke any of the above rights, then please write to the Data Controller at 39 Elmfield Gardens, Newcastle upon Tyne, Tyne and Wear, United Kingdom, NE3 4XB or email email@example.com.
You are entitled to see the personal information held about you and you may ask us to make any necessary changes to ensure that it is accurate and kept up to date. If you wish to do this, please contact us at firstname.lastname@example.org.
We do not raise any charge in providing you with details of the information we hold about you, but we may raise a charge where such requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may either charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested or refuse to act on the request.
Can I Opt-out?
The Health Heroine Ltd gives users the option to remove personally identifiable information from our list of active users.
You may also choose to opt-out of certain communications from The Health Heroine Ltd, such as our Newsletter.
If you want to unsubscribe or opt-out of communications from us, send an email to Customer Service at email@example.com. We will respond within 48 hours.
The Health Heroine Ltd is not responsible for removing personally identifiable information from the lists of any 3rd-party partner or advertiser who has previously been provided your information in accordance with this Policy.
Where is the Health Heroine Ltd website located?
The Health Heroine Ltd web site is maintained in the United Kingdom. If you are located outside of the U.K., by using the web site, you authorise the import of your information and its use, as specified in this Policy.
What is the minimum age to use this website?
Use of http://www.thehealthheroine.com and products/services are intended for persons who are eighteen (18) years or older, or Health Heroine Ltd entities.
If proof comes to the attention of The Health Heroine Ltd that an individual user is under the age of eighteen (18) years, and is accessing our services and/or products without the consent, approval or authorisation of their parents or legal guardian or other person with legally recognised parental authority, The Health Heroine Ltd will immediately terminate such account.
The Health Heroine Ltd reserves the right to amend this Policy at any time, in the event that this becomes necessary after initial release, or in the event that it becomes necessary with respect to additional, deleted, modified or amended services provided by The Health Heroine Ltd.
The Health Heroine Ltd will not personally notify you of any amendments to this Policy. Users are urged to check this Policy frequently in order to determine whether any changes have been made. Users understand and agree that continued use of The Health Heroine Ltd web site assumes that they have read and accepted this Policy, as it may be amended from time to time.
Where can I access this policy?
The Health Heroine Ltd never uses or installs spy ware on user computers, nor do we use spy ware to retrieve information from user computers.
Your California Privacy Rights
IF YOU ARE A USER IN CALIFORNIA, USA: The State of California, USA, has passed legislation requiring certain specific disclosures be made available to California residents who use the Internet and provide information that may be used for marketing purposes. That legislation requires any The Health Heroine Ltd that discloses a customer’s personal information (as defined by the “Act”) to any 3rd-party, for direct marketing purposes, to provide the customer a method for obtaining the names, addresses and certain other specified details of anyone who might have received that personal information. If you are a California resident you may request this information from The Health Heroine Ltd by writing to:
The Health Heroine Ltd,
39 Elmfield Gardens,
Newcastle upon Tyne,
Tyne and Wear,
Attn: California, USA Privacy Rights.
or by sending an e-mail, with “California, USA Privacy Rights” in the subject line, to firstname.lastname@example.org. The Health Heroine Ltd is not obligated to respond to more than one such request from User per calendar year.
If you have a complaint regarding the use of your personal data then please contact us by writing to the Data Controller 39 Elmfield Gardens, Newcastle upon Tyne, Tyne and Wear, United Kingdom, NE3 4XB or email email@example.com and we will do our best to help you.
If your complaint is not resolved to your satisfaction and you wish to make a formal complaint to the Information Commissioner’s Office (ICO), you can contact them on 01625 545745 or 0303 1231113.
We are happy to provide any additional information or explanation needed. Any requests for this should be sent to the firstname.lastname@example.org.