Privacy Policy GDPR

E-mail: [email protected]

Web: TheDiestista.com

In order to provide tailored Nutritional Therapy advice, we, TheDietista.com trading as Nutritiency, require an amount of personal information to be provided by you.We take our responsibility to safeguard personal information extremely seriously and regularly review our policies to ensure that your information remains protected. This document is designed to outline how that information is utilised, shared and protected in accordance with current legislation and to describe your rights. Should further information be required on how we do this, please contact us direct at [email protected].Additional information on the handling and protection of personal information can be found on the Information Commissioner’s Office website at www.ico.org.uk.

What We Do

We provide nutrition and personal development online courses and programs.

Nutrition

We provide online courses on various nutritional aspects designed to assist with disease management and boost wellness.

Personal Development

We provide online Business and Personal Development courses for professional and personal and financial growth.

How we get the information and why we have it

Information is provided direct to us, by you, in a number of formats:

  • By completing the Nutritional Therapy Questionnaire
  • By completing the Diet Diary
  • In person during a consultation
  • By email, telephone or post
  • By submitting payment details by credit card and online services

What type of information we have

This may include the following information:

  • Contact details such as name, address, email
  • Date of birth and gender if provided
  • Next of kin contact details
  • GP contact details
  • Banking information
  • Details of contact we have had with you such as referrals and appointment requests

Health information including but not limited to:

  • Medical history including family member’s history
  • Diet
  • Lifestyle
  • Supplements and medicines taken
  • Test results
  • Clinic notes
  • Health improvement plans

Information we get from other sources

It is likely that will obtain potentially sensitive medical information in the form of test results from contracted laboratories and medical services, the provision of which is subject to you giving us explicit consent. You are able to remove your consent at any time. You can do this by contacting us at [email protected].

The information sources and types listed above are used to provide you the customer tailored Nutritional Therapy advice. As a result, the legal basis of our holding your personal data is for ‘legitimate interest’.

What we do with the information we have

We use the information that you have given us in order to to provide Nutritional Therapy advice and in this respect act as a data controller.We also act as a controller and processor in regard to the processing of your data from third parties such as testing companies and other related service providers.

We only use information that may identify you in accordance with current legislation such as DPA 18 and GDPR. This requires us to process personal data only if there is a legitimate basis for doing so and that any processing must be fair and lawful.

We will, at all times protect your personal data, including any health and contact details, in a manner which is consistent with our duty of professional confidence and the requirements of current, relevant legislation concerning data protection. We will inform you of how your information will be used, and allow you to decide if and how your information can be shared.

We may use your personal data where there is an overriding public interest in using the information e.g. in order to safeguard an individual, or to prevent a serious crime, in addition to a legal requirement such as a formal court order.

TheDietista.com is registered with the Information Commissioner’s Office (ICO) as a data controller and collects data for a variety of purposes. A copy of the registration is available through the ICO website, by searching for TheDiestista.com

Data Retention

All records and personal data will be held for the period of 5 years, this enables us to process any potential complaint you may make.In this case, the legal basis of our holding your personal data is for contract administration.

How we store your information

We subscribe to the common law duty of confidence, in that if information is given in circumstances where it is expected that a duty of confidence applies, that information cannot normally be disclosed without the information provider’s consent. In practice this means that all patient/service user information, whether held on paper, computer, visually, by audio recording or held in the memory of the professional, must not normally be disclosed without the consent of the patient/ service user.

We also ensure the information we hold is kept in secure locations, restrict access to information to authorised personnel only, protect personal and confidential information held on equipment with acceptable levels of encryption.We ensure external data processors that support us are legally and contractually bound to operate and prove security arrangements are in place where data that could or does identify a person are processed.

Your information will be routinely stored Google’s G Suite platform. Google designed G Suite to meet stringent privacy and security standards based on industry best practices. In addition to strong contractual commitments regarding data ownership, data use, security, transparency and accountability. The G Suite platform undergoes several independent third-party audits on a regular basis, including but not limited to:

• ISO 27001/ISO 27017/ ISO 27018
• PCI DSS
• General Data Protection Regulation (GDPR)
• HIPAA

Google uses encryption to protect data in transit and at rest. Data stored in its Cloud Platforms is encrypted at the storage level using either AES256 or AES128. Data in transit to G Suite is protected using HTTPS, which is activated by default for all users.

Further information on the G Suite Security Standards can be found at G Suite Security and Trust.Google’s GDPR G Suite compliance measures can be found here.

Google Privacy Policy

Third party data processors

We currently utilise 2 third parties to process personal data on our behalf, Teachable and PayPal.
Teachable:
There will be a requirement for you to enrol on the Teachable Platform to gain access to content as well as pay for services. As a result, Teachable requires to store some Personal Information. Teachable utilises a range of security measures designed to protect your Personal Information and keep it confidential (unless it is non-confidential by nature) and free from any unauthorised alteration. It uses encryption in the transmission of financial information between systems, and employs firewalls to help prevent unauthorized persons from gaining access to personal information.
Teachable uses a 2048-bit SSL certificate to keep students' information secure during login and checkout and only employs payment providers that are PCI level-1 compliant,

Teachable Privacy Policy

PayPal:

PayPal process payments for any products purchased outside of the Teachable platform. Neither TheDietista.com nor PayPal retain any financial information you may submit as part of the purchasing process. PayPal monitor every transaction, 24/7 to prevent fraud, email phishing and identity theft. Every transaction is heavily guarded behind PayPal's advanced encryption. If something appears suspicious, their dedicated team of security specialists will identify suspicious activity and help protect you from fraudulent transactions. PayPal,

Your data as mentioned below is encrypted before transmission to prevent misuse of the transmitted data by third parties. The following data is encrypted so that is only readable by the PayPal payment system:

  • Personal data (address data, telephone number, etc.)
  • Login data (username and password)
  • All methods of payment selected, credit card and bank account

PayPal Privacy Policy

Your data protection rights

Every individual has the right to see, amend, delete or have a copy of data held that can identify you, with some exceptions. You do not need to provide a reason to see your data.Under data protection law, you have rights including:

Your right of access - You have the right to ask us for copies of your personal information.

Your right to rectification - You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances.

Your right to object to processing - You have the the right to object to the processing of your personal data in certain circumstances.

Your right to data portability - You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you, starting from the day of receipt.if your request is complex or you make more than one, the response time may be a maximum of three calendar months, starting from the day after receipt.

Please contact the Data Controller at [email protected] if you wish to make a request or invoke your rights.

Further information about your rights can be found ico.org.uk

How to complain

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113



Privacy Policy School

This Privacy Policy governs the manner in which the School collects, uses, maintains and discloses information collected from users (each, a “Student”) of the School. This Privacy Policy applies to the School and all Courses offered by the School.

Personal identification information

We may collect personal identification information from Students in a variety of ways, including, but not limited to, when Students enroll in the School or a Course within the School, subscribe to a newsletter, and in connection with other activities, services, features, or resources we make available in our School. Students may visit the School anonymously. We will collect personal identification information from Students only if they voluntarily submit such information to us. Students can refuse to supply personal identification information but doing so may prevent them from engaging in certain School related activities.

How we use collected information

The School may collect and use Students’ personal identification information for the following purposes:

  • To improve customer service
    Information you provide helps us respond to your customer service requests and support needs more efficiently.
  • To personalize user experience
    We may use information in the aggregate to understand how our Students as a group use the services and resources provided in our School.
  • To send periodic emails
    We may use Student email addresses to send Students information and updates pertaining to their order. Student email addresses may also be used to respond to Student inquiries, questions, or other requests.

Sharing your personal information

We do not sell, trade, or rent Student personal identification information to others.

Third party websites

Student may find advertising or other content in our School that link to the websites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these websites and are not responsible for the practices employed by websites linked to or from our School. In addition, these websites or services, including their content and links, may be constantly changing. These websites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Student, is subject to that website's own terms and policies.

Changes to this Privacy Policy

The School has the discretion to update this Privacy Policy at any time. We encourage Students to frequently check this page for any changes. You acknowledge and agree that it is your responsibility to review this Privacy Policy periodically and become aware of modifications.

Your acceptance of these terms

By enrolling in the School, you signify your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, please do not enroll in the School. Your continued enrollment in the School following the posting of changes to this Privacy Policy will be deemed your acceptance of those changes.