top of page
cody-chan-U1pdTX42sXc-unsplash_edited.png

PRIVACY

POLICY

Beanpod Nutrition Ltd Privacy Policy

 

Date updated: 30th May 2023

​

This privacy policy is kept under regular review

​

Our contact details

Name: Harriet Maule-ffinch

Address: 71 Horsegate, Deeping St. James, Peterborough PE6 8EW

E-mail: harri@beanpodnutrition.co.uk

Web: www.beanpodnutrition.co.uk

 

The type of personal information (any information that can be used to identify a living person) we collect

​

We currently collect and process the following information:

​

  • Personal identifiers, contacts and characteristics including:

    • Name, date of birth, address, email address, phone number, other contact details and next of kin

  • Details of contact we have had with you such as referrals and appointment requests

  • Health data including your previous medical history, dietary, lifestyle, supplement and medicine details, clinic notes and health improvement plans

    • Health data is classed as ‘special category data’ and the rules requires additional conditions to be met

    • The condition for processing the special category data is ‘explicit consent’, i.e. the processing of your health data is actually objectively necessary to perform the contractual service

    • You provide this explicit consent via the Beanpod Nutrition Ltd Consent Form

    • You have a right to withdraw this consent – please email harri@beanpodnutrition.co.uk

  • GP contact information

  • Bank details

  • Online identifiers’ including IP addresses and cookie identifiers which may be personal data

    • Please refer the section below titled Cookie Policy for more information

  • We use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page

 

How we get the personal information and why we have it

​

Most of the personal information we process is provided to us directly by you.

​

You provide us with personal data in the following ways:

​

  • By completing nutrition and lifestyle questionnaires

  • By signing a terms of engagement form

  • During a nutrition coaching consultation

  • Through email, text message, Whatsapp, over the telephone or by post

  • By taking credit card and online payment  

  • By downloading a free resource, such as an e-book

  • Like most websites, we make use of analytics software in order to help us understand the trends in popularity of our website and of different sections. information about how visitors use our site. We use the information to compile reports and to help us improve the site. We make no use of personally identifiable information in any of the statistical reports we use from this package.

    • We use an analytics package called Google Analytics who provide details of their privacy policy on the Google website

​​

We also receive personal information indirectly, from the following sources in the following scenarios:

  • We may obtain sensitive information from other healthcare providers to enable us to coordinate your healthcare with that provided by other providers.

  •  The provision of this information is subject to you giving us your express consent.

  • If we do not receive this consent from you, we will not be able to coordinate your healthcare with that provided by other providers which means the healthcare provided by us may be less effective.

​​

We use the information that you have given us in order to provide you with healthcare including nutrition coaching services to improve your health through diet and lifestyle interventions.  We focus on preventative healthcare, the optimisation of physical and mental health and chronic health conditions.  Through nutritional therapy consultations, dietary and lifestyle analysis, we aim to understand the underlying causes of your health issues which we will seek to address through personalised dietary therapy and lifestyle advice. We also provide group coaching, cooking lessons and workshops, corporate wellbeing services, recipe development and catering.

​

Under the UK General Data Protection Regulation (UK GDPR), we process this information for one of the following reasons, i.e. he lawful bases we rely on for processing this information are:

  • Your consent;

    • You are able to remove your consent at any time. You can do this by contacting harri@beanpodnutrition.co.uk or post correspondence to 71 Horsegate, Deeping St. James, Peterborough, PE6 8EW.

  • We have a contractual obligation;

  • We have a legal obligation; (where the processing is necessary for us to comply with our legal or regulatory obligations)

​​

We will keep information about you confidential.  We will only disclose your information with other third parties with your express consent with the exception of the following categories of third parties:

  • Anyone to whom we may transfer our rights and duties under any agreement we have with you

  • Any legal or crime prevention agencies and/or to satisfy any regulatory request

  • We will seek your express consent before sharing your information with your GP or other healthcare providers.  However, if we believe that your life is in danger then we may pass your information onto an appropriate authority (such as the police, social services in the case of a child or vulnerable adult, or GP in case of self-harm) using the legal basis of vital interests.

  • We may share your case history in an anonymised form with our peers for the purpose of professional development.  This may be at clinical supervision meetings, conferences, online forums, and through publishing in medical journals, trade magazines or online professional sites.  We will seek your explicit consent before processing your data in this way.

​​

We use third-party sub-processors to help provide services. They process data you input, which may include personal data. They are listed below.

​

Third Parties

​

  • Xero, global online platform for small businesses and their advisors. At the core of the platform is cloud accounting software, New Zealand

    • Xero have an independent Privacy Policy that you may wish to review - https://www.xero.com/uk/legal/privacy/

    • Please note that your personal data may be handled through servers outside the UK/EU

    • When personal data is hosted or processed outside of the European Economic Area by Xero, GDPR requires that it remains protected by appropriate safeguards in line with EU law. You may wish to review the Xero data processing addendum which provides details - https://www.xero.com/uk/legal/terms/data-processing/

    • Xero will not transfer the Data outside of the European Economic Area (EEA) nor the United Kingdom (UK) unless it has taken such measures as are necessary to ensure the transfer is in compliance with Applicable Data Protection Law. Such measures may include (without limitation) transferring the Data to a recipient in a country that the European Commission and/or the UK Secretary of State (as applicable) has decided provides adequate protection for personal data (for example, New Zealand) or to a recipient that has executed standard contractual clauses adopted or approved by the European Commission and/or UK Secretary of State or UK Information Commissioner (as applicable).

    • To this end, Beanpod Nutrition Ltd authorises Xero to enter into standard contractual clauses as their agent and on their behalf with any recipient of Data who is not located in an Adequate Country where this is necessary for compliance with Applicable Data Protection Law.

​​

​​

​​

  • Microsoft Office 365, Cloud infrastructure service provider, United States

    • Microsoft have an independent Privacy Policy that you may wish to review - https://privacy.microsoft.com/en-GB/privacystatement

    • Microsoft transfer personal data from the European Economic Area, the United Kingdom, and Switzerland to other countries, some of which have not yet been determined by the European Commission to have an adequate level of data protection. For example, their laws may not guarantee you the same rights, or there may not be a privacy supervisory authority there that is capable of addressing your complaints. When we engage in such transfers, we use a variety of legal mechanisms, including contracts such as the standard contractual clauses published by the European Commission under Commission Implementing Decision 2021/914, to help protect your rights and enable these protections to travel with your data. To learn more about the European Commission’s decisions on the adequacy of the protection of personal data in the countries where Microsoft processes personal data, see this article on the European Commission website.

​​

  • Calendly, a meeting scheduling tool, United States

    • Calendly has an independent Privacy Policy that you may wish to review - https://calendly.com/privacy

    • Please note that your personal data may be handled through servers outside the UK/EU

    • In connection with the operation of its Website, Calendly may transfer your Personal Data to various locations, which may include locations both inside and outside of the European Economic Area. We rely on Standard Contractual Clauses and the UK Addendum to legally transfer Personal Data submitted relating to individuals in the European Economic Area, the United Kingdom and Switzerland.

​​

  • Wix, a cloud-based web development service allowing users to create HTML5 websites and mobile sites, Israel (publicly listed in United States)

    • Wix has an independent Privacy Policy that you may wish to review - https://www.wix.com/about/privacy

    • Please note that your personal data may be handled through servers outside the UK/EU

    • The Processing of the Users-of-users’ Personal Information shall take place within the territory of the European Union, Israel or a third country, territory or one or more specified sectors within that third country of which the European Commission has decided that it ensures an adequate level of protection and such processing and transfer will be in accordance to the Data Processing Addendum – Users (“DPA"). Any transfer to and Processing in a third country outside the European Union that does not ensure an adequate level of protection according to the European Commission, shall be conducted under an approved transfer mechanism, as detailed in the DPA.

​​

  • Google Analytics, analytics service that enables the measurement of traffic and engagement across websites and apps, United States

    • Google has an independent Privacy Policy that you may wish to review - https://policies.google.com/privacy

    • Please note that your personal data may be handled through servers outside the UK/EU

​

  • Whatsapp,  an internationally available freeware, cross-platform, centralized instant messaging and voice-over-IP service owned by Meta, United States

    • Whatsapp has an independent Privacy Policy that you may wish to review - https://www.whatsapp.com/legal/privacy-policy

    • Please note that your personal data may be handled through servers outside the UK/EU

    • ​Your information may, for example, be transferred or transmitted to, or stored and processed in, the United States; countries or territories where the Meta Companies’ affiliates and partners, or our service providers are located; or any other country or territory globally where our Services are provided outside of where you live for the purposes as described in this Privacy Policy. WhatsApp uses Meta’s global infrastructure and data centers, including in the United States. These transfers are necessary to provide the global Services set forth in our Terms. Please keep in mind that the countries or territories to which your information is transferred may have different privacy laws and protections than what you have in your home country or territory.

​

How we store your personal information

​

Your information is securely stored.

We keep your personal data in Practise Better, the practise management tool. Please refer to their privacy policy https://practicebetter.io/privacy for more information.

​

Your data protection rights

​

Under data protection law, you have rights including:

  • Your right of access - You have the right to ask us for copies of your personal information.

  • Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

  • Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.

  • Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.

  • Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.

  • Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

​

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

​

Please contact us at harri@beanpodnutrition.co.uk or post correspondence to 71 Horsegate, Deeping St. James, Peterborough, PE6 8EW if you wish to make a request.

​

Website technical details

​

Forms

We use electronic forms on our website making use of an available ‘forms module’ which has a number of built-in features to help ensure privacy. We also aim to use secure forms where appropriate. 

​

Cookies

A cookie is a small text file that is downloaded onto ‘terminal equipment’ (eg a computer or smartphone) when the user accesses a website. It allows the website to recognise that user’s device and store some information about the user’s preferences or past actions.

In general, there are three different ways to classify cookies: what purpose they serve, how long they endure, and their provenance.

​

Duration

  • Session cookies – These cookies are temporary and expire once you close your browser (or once your session ends).

  • Persistent cookies — This category encompasses all cookies that remain on your hard drive until you erase them or your browser does, depending on the cookie’s expiration date. All persistent cookies have an expiration date written into their code, but their duration can vary. According to the ePrivacy Directive, they should not last longer than 12 months, but in practice, they could remain on your device much longer if you do not take action.

Provenance

  • First-party cookies — As the name implies, first-party cookies are put on your device directly by the website you are visiting.

  • Third-party cookies — These are the cookies that are placed on your device, not by the website you are visiting, but by a third party like an advertiser or an analytic system.

Purpose

  • Strictly necessary cookies — These cookies are essential for you to browse the website and use its features, such as accessing secure areas of the site. Cookies that allow web shops to hold your items in your cart while you are shopping online are an example of strictly necessary cookies. These cookies will generally be first-party session cookies. While it is not required to obtain consent for these cookies, what they do and why they are necessary should be explained to the user.

  • Preferences cookies — Also known as “functionality cookies,” these cookies allow a website to remember choices you have made in the past, like what language you prefer, what region you would like weather reports for, or what your username and password are so you can automatically log in.

  • Statistics cookies — Also known as “performance cookies,” these cookies collect information about how you use a website, like which pages you visited and which links you clicked on. None of this information can be used to identify you. It is all aggregated and, therefore, anonymized. Their sole purpose is to improve website functions. This includes cookies from third-party analytics services as long as the cookies are for the exclusive use of the owner of the website visited.

  • Marketing cookies — These cookies track your online activity to help advertisers deliver more relevant advertising or to limit how many times you see an ad. These cookies can share that information with other organizations or advertisers. These are persistent cookies and almost always of third-party provenance.

​​

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org

​

Wix cookies

www.beanpodnutrition.co.uk is built using Wix, a cloud-based web development service. The cookies Wix places on this site are listed in the table below. Please refer to the Wix cookie policy for more information - https://www.wix.com/about/cookie-policy

​

Google Analytics cookies

Like most websites, we make use of analytics software in order to help us understand the trends in popularity of our website and of different sections. We make no use of personally identifiable information in any of the statistical reports we use from this package. We use an analytics package called Google Analytics – you may wish to review their privacy policy - https://policies.google.com/privacy?hl=en-GB#infochoices

​

To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout

​

In compliance with EU legislation, the following lists the use of cookies on www.beanpodnutrition.co.uk

​

​

Wix / Wix Analytics cookies

​

XSRF-TOKEN

Used for security reasons

Session

Essential

​

hs

Used for security reasons

Session

Essential

​

svSession

Used in connection with user login

12 months

Essential

​

SSR-caching

Used to indicate the system from which the site was rendered

1 minute

Essential

​

_wixCIDX

Used for system monitoring/debugging

3 months

Essential

​

_wix_browser_sess

Used for system monitoring/debugging

Session

Essential

​

consent-policy

Used for cookie banner parameters

12 months

Essential

​

smSession

Used to identify logged in site members

Session

Essential

​

TS*

Used for security and anti-fraud reasons

Session

Essential

​

bSession

Used for system effectiveness measurement

30 minutes

Essential

​

fedops.logger.X

Used for stability/effectiveness measurement

12 months

Essential

​

wixLanguage

Used on multilingual websites to save user language preference

12 months

Functional

​

Google Analytics cookies:

​

_ga

Used to distinguish users

2 years

Statistic

​

_ga_7M5VK9J938

Used to persist session state

2 years

Statistic

​

AcceptCookies: this is used to store whether you have agreed to receive cookies. Persistent for one year.

 

 

How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us at harri@beanpodnutrition.co.uk or post correspondence to 71 Horsegate, Deeping St. James, Peterborough, PE6 8EW.

​

You can also complain to the ICO if you are unhappy with how we have used your data.

​

The ICO’s address:           

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

 

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk

Anchor 1

Add your own content here. Click to edit.

bottom of page