Privacy Policy
Your privacy is fundamental to our mission. This policy explains how Vitality & Glow Premium collects, uses, and protects your personal information in accordance with UK data protection laws.
Introduction
Vitality & Glow Premium Ltd ("we," "our," or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website vitalityandglow.co.uk or make purchases from our natural health marketplace.
We are registered in Scotland (Company No: SC123456) and operate under the UK Data Protection Act 2018 and the General Data Protection Regulation (GDPR). By using our services, you consent to the data practices described in this policy.
Key Principle:
We only collect and use your personal data when we have a legitimate reason to do so, and we are always transparent about our data practices.
Information We Collect
Personal Information
We collect information that you provide directly to us, including:
Account Information
Name, email address, phone number, delivery address
Purchase Information
Order history, payment details, product preferences
Health & Wellness Data
Product reviews, health goals, allergy information (optional)
Communication Data
Customer service inquiries, feedback, survey responses
Website Usage
Pages visited, time spent, click patterns, search queries
Device Information
IP address, browser type, operating system, device identifiers
Automatically Collected Information
When you visit our website, we automatically collect certain information about your device and usage patterns:
- Cookies and similar tracking technologies
- Log files (IP addresses, browser information, page requests)
- Analytics data about website performance and user behavior
- Geolocation data (country/region for shipping purposes)
How We Use Your Information
We use your personal information for specific, legitimate purposes, always in accordance with data protection laws:
Order Processing & Fulfillment
Process payments, fulfill orders, arrange delivery, handle returns and customer service requests.
Account Management
Create and manage your account, authenticate your identity, provide personalized experiences.
Customer Service
Respond to inquiries, resolve issues, provide technical support and product assistance.
Marketing & Communication
Send promotional emails (with consent), personalize product recommendations, improve our services.
Legal & Security
Comply with legal obligations, prevent fraud, ensure website security, protect our rights and interests.
Website Improvement
Analyze usage patterns, optimize website performance, develop new features and services.
Data Sharing and Disclosure
We do not sell, rent, or trade your personal information to third parties. We may share your information only in the following circumstances:
| Recipient | Purpose | Data Shared |
|---|---|---|
| Payment Processors | Process secure payments | Payment details (encrypted) |
| Shipping Partners | Deliver orders to customers | Name, address, contact details |
| IT Service Providers | Website hosting and maintenance | Technical data, user analytics |
| Legal Authorities | Comply with legal requirements | As legally required |
Data Processing Agreements
All third parties that process your data on our behalf have signed data processing agreements (DPAs) that require them to protect your information and use it only for the specific purposes we specify.
Your Rights and Choices
Under UK data protection law, you have important rights regarding your personal information:
Right of Access
Request a copy of all personal data we hold about you
Right to Rectification
Request correction of inaccurate or incomplete information
Right to Erasure
Request deletion of your personal data (subject to legal requirements)
Right to Restrict Processing
Limit how we process your information
Right to Data Portability
Receive your data in a structured, machine-readable format
Right to Object
Object to processing for direct marketing purposes
Rights Related to Automated Decision Making
Not be subject to decisions based solely on automated processing
Right to Withdraw Consent
Withdraw consent for processing at any time (where consent is the legal basis)
How to Exercise Your Rights
To exercise any of these rights, please contact us at [email protected] or write to our Data Protection Officer at our Edinburgh office address.
We will respond to your request within one month (or inform you if we need longer to process your request). There is no fee for most requests.
Data Security
We implement comprehensive security measures to protect your personal information:
Technical Safeguards
- SSL/TLS encryption
- Secure data storage
- Regular security audits
- Access controls
Administrative Safeguards
- Staff training
- Data protection policies
- Regular assessments
- Incident response plans
Physical Safeguards
- Secure office premises
- Controlled access
- Secure disposal
- Backup procedures
Important Security Notice
While we use industry-standard security measures, no method of transmission over the internet is 100% secure. We encourage you to:
- Use strong passwords and change them regularly
- Log out of your account when using shared devices
- Keep your contact information up to date
- Report any suspicious activity immediately
Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your browsing experience and provide personalized content. You can manage your cookie preferences through our cookie settings.
Types of Cookies We Use
Essential Cookies
Required for basic website functionality, security, and user preferences
Analytics Cookies
Help us understand how visitors interact with our website to improve performance
Marketing Cookies
Used to deliver relevant advertisements and measure campaign effectiveness
Preference Cookies
Remember your settings and preferences for future visits
Managing Your Cookie Preferences
You can control cookies through:
- Our Cookie Settings panel (accessible via the footer link)
- Your browser settings to block or delete cookies
- Opt-out tools from advertising networks
- Mobile device settings for app-based tracking
Children's Privacy
Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.
For users aged 13-18, we require parental consent before collecting personal information, and we limit the types of data we collect from young users.
Parental Concerns
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at [email protected]. We will work with you to resolve the issue.
International Data Transfers
As a UK-based company, we primarily store and process your data within the United Kingdom and the European Economic Area (EEA). However, some of our service providers may be located outside the UK/EEA.
Legal Safeguards
When transferring your data outside the UK/EEA, we ensure adequate protection through:
- Adequacy decisions by the European Commission
- Standard Contractual Clauses (SCCs)
- Binding Corporate Rules (where applicable)
- Other legally approved transfer mechanisms
Data Transfer Impact
You can contact us at [email protected] to obtain copies of the relevant safeguards for international data transfers.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make significant changes, we will notify you through:
- Email notification to your registered email address
- Prominent notice on our website
- Updates to the "Last Updated" date at the top of this policy
- In-app notifications (if applicable)
We encourage you to review this Privacy Policy periodically to stay informed about our data practices. Your continued use of our services after any changes indicates your acceptance of the updated policy.
Previous Versions
We keep previous versions of this Privacy Policy available for reference. If you have questions about changes, please contact us using the information below.
Contact Information
If you have any questions about this Privacy Policy or our data practices, please contact us through any of the following methods:
Company Information
Vitality & Glow Premium Ltd
Princes Street
Edinburgh, EH2 2ER
United Kingdom
Supervisory Authority
You have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe we have not handled your personal data properly:
- Website: ico.org.uk
- Phone: 0303 123 1113
- Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF