1. Introduction
At Super Health Keto (we, our, or us), we are committed to safeguarding the privacy and personal data of visitors to our website, particularly those located within the European Union (EU). This GDPR Compliance Statement details how we collect, process, store and safeguard personal information in compliance with GDPR regulations.
2. Data Controller
Super Health Keto is the data controller responsible for handling your personal data. Should you have any inquiries or reservations about how we are processing or protecting it, please reach out using the details listed in our Contact Us section below.
3. Lawful Basis for Processing Personal Data
We process your personal data on one or more of the following legal grounds:
Consent: By subscribing to our newsletter, you have provided clear consent for us to process your personal data for specific purposes (e.g. subscribing).
Contractual Necessity: Processing is necessary for fulfilling our contract with you (e.g. providing access to premium content).
Legal Obligation: Processing must meet legal obligations (e.g. tax regulations).
Legitimate Interests: Processing is necessary for our legitimate interests (such as improving our website and services) provided that your rights don’t override them (e.g. improving website and services).
4. Types of Personal Data We Collect
We may collect and process the following categories of personal data:
Contact Details: These include name, email address, telephone number and mailing address.
Account Information: When opening an account, all relevant details such as username and password will need to be provided for it to function correctly.
Usage Data: Information regarding how our visitors engage with our website, such as pages visited, time spent on each page and navigation paths taken.
Device Information: IP address, browser type, operating system version and device identifiers are amongst other essential details about any electronic device.
Marketing Preferences: Please provide information on your preferences for receiving marketing communications from us.
5. How We Gather Personal Data Our methods for gathering personal information are as follows:
Direct Interactions: Whenever you subscribe to our newsletter, complete a contact form, create an account on our website or engage in other activities on it, we interact directly with you.
Automated Technologies: Through cookies, web beacons, and other tracking technologies to collect usage and device data.
Third-Party Sources: Information obtained through services integrated into our website from third parties such as social media platforms or analytics providers.
6. Use of Personal Data We utilize your personal information for the following purposes:
Delivering Services and Content: To deliver the services and content requested by you, such as newsletters, customized content or access to premium features.
Enhancing our Website: To assess user behavior and enhance functionality and user experience on our website.
Communication: Our aim is to respond promptly to inquiries, send updates, and provide information on services and promotions available to us.
Marketing: Our aim is to send marketing communications tailored to your preferences and consent.
Compliance and Security: Our primary goals in terms of Compliance and Security are to comply with legal obligations, protect against fraudulent activities and security threats, as well as ensure their own personal wellbeing.
7. Sharing Personal Data
In certain circumstances, we may share your personal data:
Service Providers: Third-party companies who perform services for us such as hosting, email delivery and analytics. These service providers are contractually obliged to protect your data and use it only for its intended purposes.
Affiliate and Partnership Networks: Sharing information with affiliates or partners so we can offer services or promotions that may interest you.
Legal Requirements: When required by law, regulation, or legal process (e.g. court orders or government requests).
Business Transfers: Should there be a merger, acquisition or sale of all or part of our assets, your data may be part of that transaction and transferred as part of it.
Your Consent Is Required: Any further sharing of your data requires explicit approval from you.
8. International Data Transfers:
Your personal data may be transferred and processed in countries outside the European Economic Area (EEA). We ensure compliance with GDPR when making such transfers by employing appropriate safeguards, such as:
Standard Contractual Clauses (SCCs): Ensuring that third parties adhere to adequate data protection measures.
Privacy Shield Certification: When applicable, maintaining certification under frameworks which ensure data protection standards.
9. Data Retention
We retain your personal data only as long as necessary to fulfill the purposes stated in this GDPR Compliance Statement or when required or allowed by law; factors used to establish retention periods include:
Legal Obligations: Complying with applicable laws and regulations.
Business Needs: Operating requirements that improve services or enhance user experiences.
User Requirements: Responding to user requests for access, correction or deletion of data.
As an EU resident, you have several rights regarding your personal data:
Right of Access: Request access to and a copy of any personal data we hold about you.
Right of Rectification: Individuals have the right to request correction of inaccurate or incomplete personal data.
Right to Erasure (Right to be Forgotten): Under certain conditions, you have the right to request deletion of your personal data.
Right to Restrict Processing: Under certain conditions, you have the right to request restriction of processing of your personal data.
Right to Data Portability: Claim your right to have your personal information transferred directly from one organization or directly to you in an easily readable, machine-readable format.
Right to Object: Reject any processing of your personal data that serves certain purposes – for instance direct marketing.
Rights Related to Automated Decision-Making: Request human intervention, express your point of view and challenge decisions made solely based on automated processing.
For your own protection and to exercise any of these rights, please reach out to us using the information in our Contact Us section below. We will respond within the timeframes dictated by GDPR.
10. Consent Management
Where necessary, we obtain your explicit consent before processing your personal data for specific purposes. At any point you can withdraw this permission by contacting us; withdrawing it does not impact on the lawfulness of processing carried out based on previous consent granted.
11. Data Security
We employ appropriate technical and organizational measures to safeguard the security of your personal information against unauthorized access, alteration, disclosure, or destruction. These safeguards include:
Encryption: Protecting data both during transmission and storage using industry-standard encryption protocols.
Access Controls: Restricting access to personal data to only authorized personnel.
Regular Audits: Conducting periodic security evaluations and audits in order to identify vulnerabilities and address them quickly is essential in maintaining an optimal business environment.
Incident Response: Adopt a swift response plan in case of data breaches or security incidents to quickly deal with them.
12. Revamp of This GDPR Compliance Statement
From time to time, we may amend this GDPR Compliance Statement in response to changes in our data practices or legal obligations. When this occurs, any updates will be posted here with their “Last Updated” date being adjusted accordingly – to stay informed about how we protect your personal information, please review this document periodically.
13. Contact Us
If you have any questions, concerns, or requests regarding this GDPR Compliance Statement or our data processing practices, please contact us: [email protected]