1 – Scope
This will explain what we do with your information, how we share it and handle it. It will also tell you your options with regards to use of your personal information and how you can access it.
This Policy details what information Bodhi.fit collects when you:
- Visit our website(s), www.bodhi.fit
- Use our services (‘Services’); or
- When you otherwise do business or make contact with us.
2 – Our Information
Bodhi Fit Limited is a company registered in England under company number 12245509 whose registered office is at 20-22 Wenlock Road, London, England, N1 7GU, acting on behalf of itself.
3 – What Personal Data Do We Collect?
Through the above avenues listed in Section 1, we may collect some or all of the following personal data:
1. Personal details; name, address (incl postcode), email, telephone number
2. Financial details; account details, credit/debit card details, other payment information
3. Employment details; job title, profession, business/company name
4. Other details; details of interactions, i.e. customer support/previous purchases,
We collect this information when you make an enquiry into our services, sign-up to our mailing information, fill out forms, open an account to use our services, give a third-party permission to share information they hold about you, contact us in any way or engage with us on social media.
4 – Why Do We Collect This Information
Under the GDPR, we are required to have a lawful basis/legitimate interest in the use of your personal data. This will usually be to be able to perform our contract with you, because you have given your consent, or so we are able to give you the best customer experience.
Your personal data may be used for one or more of the following:
- To carry out any obligations arising from any service agreement(s) entered into by us and you through your purchase of the same and to provide you with the information and services you request from us
- To provide you with information about other goods and services we offer or recommend which you have enquired about or we may feel will be of interest to you.
- To communicate with you to gain feedback on our services in order to improve them
- To notify you of any changes to any of our services
- To ensure that content from our site and publications are presented in the most effective manner for you
- For internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
- For recruitment purposes
- To process payments and prevent fraudulent transactions to help protect our customers from fraud
- To assess the effect of our advertising to you and other and to deliver other relevant advertising to you.
- To comply with our contractual or legal obligations to share data with law enforcement.
5 – How Do You Protect My Personal Data
We implement several security measures to ensure the safeguarding of your data and we take all the appropriate steps required to maintain such protection. These measures include (but are not limited to):
- File encryption on all database servers with restricted files access
- Data encryption between services within our system and provided by third parties
- Disk Encryption on all mobile devices
- Firewalls restricting inbound and outbound network traffic
- Endpoint protection on all devices
6 – How Long Will We Keep Your Personal Data
Your data will never be held any longer than is necessary with respect of the reason for which it was first collected and we will always follow the relevant statutory retention limits for personal information where applicable. At the end of the retention period, where it is no longer needed or where you request it to be deleted; your data will either be completely deleted or anonymised, i.e. by aggregating data so it can be used in a non-identifiable way for statistical analysis and business planning.
7 – Do We Share Your Personal Data
There may be times where we share your personal data with other companies we may work or affiliate with so as to facilitate providing you with the Services our company offers.
Alternatively, we may sometimes have to share your personal data with third parties who facilitate us in providing our Services to you. This information is restricted only to the Personal Information required for them to fulfil their services to us. These companies can include:
- IT companies who support our website and business systems
- Marketing companies, which enables us to manage our electronic communications with you.
- Financial service companies, i.e. Paypal, which securely completes transactions for requested Services
In instances where your personal data is required by a third party, as above, we will ensure that your personal data is handled safely, securely and in accordance with your rights, our obligations and the third party’s obligations under the law.
Where personal information is transferred outside the EEA, we will take further additional steps to ensure your personal data is treated just as safely and securely as it would be within the EU.
There are also, limited circumstances, where we may be legally required to share certain personal data, which could include yours, if we are involved in or complying with legal obligations, a court order, or the instructions of a government body.
8 – How Can You Access Your Personal Data?
In order to know what personal data we have about you, you can submit a “Subject Access Request” which is a formal request for details of that personal data and for a copy of it.
All requests must be made in writing and sent to Annamaria Pellegrino (email@example.com).
We will respond to your subject access request within one month of receiving it. We usually aim to provide a complete response, however, in some cases, particularly if your request is more complex, more time may be required (up to three months) from the date we receive your request
9 – How Can You Contact Us?
To contact us regarding your personal data and data protection, including making a subject access request, please contact us at firstname.lastname@example.org
All changes will be made available via our website.