The data controller in respect of our website is Staffs Fitness Ltd.
We collect and use information from website visitors in accordance with the below:
We use a third party server to host our website. Our website server automatically logs the IP address you use to access our website as well as other information about your visit such as the pages accessed, information requested, the date and time of the request, the source of your access to our website (e.g. the website or URL (link) which referred you to our website), and your browser version and operating system.
Our server is located in the United Kingdom.
Our third party hosting provider stores server logs to ensure network and IT security and so that the server and website remain uncompromised. This includes analysing log files to help identify and prevent unauthorised access to the network, the distribution of malicious code, denial of services attacks and other cyber attacks, by detecting unusual or suspicious activity.
Unless we are investigating suspicious or potential criminal activity, we do not make, nor do we allow our website server provider to make any attempt to identify you from the information collected via server logs.
Cookies are data files which are sent from a website to a browser to record information about users for various purposes.
You can reject some or all of the cookies we use on or via our website by changing your browser settings.
We collect and use information from individuals who contact us in accordance with this section:
When you send an email to the email address displayed on our website, we collect your email address and any other information you provide in that email (such as your name, telephone number and the information contained in any signature block in your email).
When you contact us using our contact form, we collect the following information: your name, email address and any information you include in the message field. We also collect your company name if you provide it.
Messages you send us via our contact form will be stored on our web servers in the UK.
When you contact us by phone, we collect your phone number and any information you provide to us during your conversation with us. We do not record phone calls.
If you contact us by post, we will collect any information you provide to us in any postal communications you send us.
We collect and use information from individuals who interact with particular features of our website:
When you register and create an account on our website (at checkout), we collect the following information: your name, company name (if applicable), your address (including country, street address, town/city and postcode), phone number, email address and password (we do not view your password).
We collect and use information from individuals who place an order on our website in accordance with the below:
Information we collect when you place an order
When you place an order for goods or services on our website, we collect the following mandatory information: name, email address, phone number, billing address, company name (if applicable), VAT number (if applicable) and account password (if you create an account).
At checkout you will have the option of receiving marketing communications from us.
You can opt in to receiving marketing communications from us in relation to our goods and services by email by ticking the box ‘I would like to receive offers about products and services by email’.
We will send you marketing communications in relation to our goods and services only if you opt-in to receive them.
After you place an order on our website you will need to make payment for the goods or services you have ordered. In order to process your payment we use a third party payment processor, known as UTP. Your payment will be processed by the payment provider you choose to process your payment via a payment gateway.
The third party payment processors we use all collect, use and process your information, including payment information, in accordance with their privacy policies. You can access their privacy policies via the following links:
We use Woocommerce as the ecommerce platform for processing orders on our website. When you place orders on our website, your information will be processed by Woocommerce. Woocommerce does not collect any information about you when it processes your order on our site.
This section sets out the circumstances in which will disclose information about you to third parties and any additional purposes for which we use your information.
Disclosure of your information to service providers
We use a number of third parties to provide us with services which are necessary to run our business or to assist us with running our business and who process your information for us on our behalf. These include the following:
Your information will be shared with these service providers only where necessary to enable us to run our business.
We will use and process your information in order to comply with legal obligations to which we are subject. For example, we may need to disclose your information pursuant to a court order or subpoena if we receive one or to the National Crime Agency in connection with suspected or potential money laundering matters.
We disclose your information to other third parties in specific circumstances, as set out below.
Providing information to Google Inc.
Sharing your information with third parties, which are either related to or associated with the running of our business, where it is necessary for us to do so. These third parties include our accountants, advisors, affiliates, business partners, independent contractors, and insurers
We may share information with our accountants for tax purposes. For example, we share invoices we issue and receive with our accountants for the purpose of completing tax returns and our end of year accounts.
Our accountants are located in the United Kingdom.
Occasionally, we obtain advice from advisors, such as accountants, financial advisors, lawyers and other specialists. We will share your information with these third parties only where it is necessary to enable these third parties to be able to provide us with the relevant advice.
Our advisors are located in the United Kingdom.
Business partners are businesses we work with which provide goods and services which are complementary to our own or which allow us to provide goods or services which we could not provide on our own. We share information with our business partners where you have requested services which they provide whether independently from, or in connection with or own services.
Our business partners are located in the United Kingdom.
We will hold the following types of data:
All of the above information is required for our processing activities.
HOW LONG WE RETAIN YOUR INFORMATION
This section sets out how long we retain your information. We have set out specific retention periods where possible.
Correspondence and enquiries: when you make an enquiry or contact us by email or via our contact form, we will retain your information for as long as it takes to respond to and resolve your enquiry, and for 6 further month(s), after which point we will delete your information.
HOW WE SECURE YOUR INFORMATION
Measures taken to secure your information
We take appropriate technical and organisational measures to secure your information and to protect it against unauthorised or unlawful use and accidental loss or destruction, including:
Transmission of information over the internet is not entirely secure, and if you submit any information to us over the internet (whether by email, via our website or any other means), you do so entirely at your own risk.
We cannot be responsible for any costs, expenses, loss of profits, harm to reputation, damages, liabilities or any other form of loss or damage suffered by you as a result of your decision to transmit information to us by such means.
Subject to certain limitations on certain rights, you have the following rights in relation to your information to
Verifying your identity
Where you request access to your information, we are required by law to use all reasonable measures to verify your identity before doing so.
These measures are designed to protect your information and to reduce the risk of identity fraud, identity theft or general unauthorised access to your information.
Where we possess appropriate information about you on file, we will attempt to verify your identity using that information.
If it is not possible to identity you from such information, or if we have insufficient information about you, we may require original or certified copies of certain documentation in order to be able to verify your identity before we are able to provide you with access to your information.
We will be able to confirm the precise information we require to verify your identity in your specific circumstances if and when you make such a request.
What is sensitive personal information
‘Sensitive personal information’ is information about an individual that reveals their racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic information, biometric information for the purpose of uniquely identifying an individual, information concerning health or information concerning a natural person’s sex life or sexual orientation.
Our policy on Sensitive Personal Information
We do not knowingly or intentionally collect sensitive personal information from individuals, and you must not submit sensitive personal information to us.
If, however, you inadvertently or intentionally transmit sensitive personal information to us, you will be considered to have explicitly consented to us processing that sensitive personal information under Article 9(2)(a) of the General Data Protection Regulation. We will use and process your sensitive personal information for the purposes of deleting it.
Because we care about the safety and privacy of children online, we comply with the Children’s Online Privacy Protection Act of 1998 (COPPA). COPPA and its accompanying regulations protect the privacy of children using the internet. We do not knowingly contact or collect information from persons under the age of 18. The website is not intended to solicit information of any kind from persons under the age of 18.