At Diets Debunked, we are committed to storing and using your data safely and in line with GDPR regulation.
We will only ask for necessary information for effective clinical practice and this information will be stored securely and in accordance to GDPR regulation. We will never sell your data, and will never share your data unless with your express permission to other healthcare professionals.
This privacy policy is effective from 10/12/2024 and will be regularly reviewed and updated.
Kate Hilton, trading as Diets Debunked, is a sole trader whose address is Flat 8, Squire Court, Back of the Walls, Southampton, SO14 3QW (‘we’, ‘our’, ‘us’ in this privacy statement).
Any questions regarding our processing of personal data should be directed to us via info@dietsdebunked.co.uk
Data processing principles
We take protecting online privacy and data security seriously. Please read the whole of this statement carefully as it sets out our approach to processing personal data including what information we may collect from you, how we may use it, store it and protect it, and your rights as a data subject.
Our Privacy Statement outlines our approach to any kind of data processing where we are acting as a data controller or co-controller (including collection, use, transfer, storage and deletion) of personally identifiable information (any information that may be used to identify a physical person, and any other information associated therewith) about natural persons. This statement applies to our processing of data collected through any means, actively as well as passively, from persons located anywhere in the world.
We are guided by the following principles when processing data:
What information we collect
In accordance with Data Protection Legislation we only collect and process information which we require to meet the specific purposes as stated above. The information we may collect about you could include, but is not limited to:
Given the services that we provide, it is likely that we shall request data which falls into “special category data”, such as medical information. The term “special category” data is named such by the GDPR and covers any such special category data will only be collected with your express consent and will be handled in line with ICO best practice guidelines for special category data. You will receive our terms and conditions for various services which will outline how we will deliver our services and as part of delivering our services we may need to obtain special category data. We will only ask for information that is necessary to deliver our services, and therefore we encourage you not to provide us with personal data or special category data which we do not ask for.
How we collect, use and share personal data
Most personal information is provided directly and voluntarily by you when you engage with us in order to enquire about, or purchase, our services or products. We will collect information from you when:
We collect this information in order to make available to you our services or products and to communicate with you in relation to our services or products. We may use the information collected to:
We will not sell or lend your personal data to third parties, or share your personal data for marketing purposes without your express consent. We will only share your personal data with third party service providers where it is necessary for the delivery of our products or services, and only where we are confident that and such third party service providers have appropriate data protection systems and measures in place that are compliant with UK Data Protection Legislation.
We will not give consent to third party service providers or platforms to use your information, including audio and video recordings, for purposes other than those for which the information was collected and which are necessary for the delivery of our products and services. We will not give consent for your information to be used by third party service providers for the training and development of AI modelling software, or similar purposes.
How we store and transfer your information
We have in place appropriate technical and organisational measures to ensure the security, confidentiality, integrity and availability of personal data we control. Your information is securely stored on Diets Debunked’s cloud storage database, which is not publicly accessible or stored in any public domain – it is accessible to our employees, and is password protected. Your information may also be stored on our third-party booking software, Calendly and other authorised third party consultants who support our business. Our third-party providers have their own privacy policies which you can view on their websites.
We may store or process your data on cloud-based platforms or service providers whose servers are based outside of the UK/EEA which may constitute a transfer of data under GDPR. We will only use such third-party service providers where we are confident that appropriate safeguards are in place to ensure that any personal data transferred outside of the UK/EEA is subject to an equivalent level of security and protection as required under UK Data Protection Legislation, such as the UK Extension to the EU-U.S. Data Privacy Framework. To learn more about the EU-U.S. Data Privacy Framework, visit the U.S Department of Commerce’s website at: Home (dataprivacyframework.gov)
We also have in place appropriate procedures to handle any potential Personal Data Breaches, in accordance with Data Protection Legislation. Any such breaches will be reported to the relevant supervisory authority and notified to the affected data subjects where we are legally required to do so.
We will only keep your personal data for as long as is necessary to meet the requirements for which it was collected. This will vary depending on the nature of the requirements and the processing, but apart from in exceptional circumstances where longer retention is necessary we will only retain your personal data for 7 years. After this period of time we will delete your personal data unless there is a legitimate business reason to retain all or parts of the data we hold.
Legal basis for processing your data
The General Data Protection Regulation (GDPR) provides that processing of your data shall only be lawful if and to the extent that at least one of the following applies:
We collect data for the purposes set out above. All personal data is managed to ensure that it is either erased from our system when it is no longer required for the purpose for which it was collected, retained for legal reasons or minimised and retained.
Any special category data collected from you has special protection and is limited to that permissible by law. In all instances where special category data is collected we will obtain your express consent.
Your legal rights as a data subject
You have a number of legal rights in relation to the personal data that we hold about you and you can exercise your rights by contacting us using the details at the end of this statement. These rights include:
Links from our website
Our Site may contain links to and from other websites which are operated by individuals and companies over which we have no direct control. If you follow a link to any of these websites, please note that these websites have their own privacy and terms of use polices. We do not accept any responsibility or liability for these policies. We advise you to check the policies for third party sites before you submit any personal data to the website.
Cookies and website analytics
We use website analytics to provide the best user experience and service to you and to evaluate and improve our site. We utilise third party data analytics service providers to improve our visibility and to monitor website browser behaviour and navigation across our site.
These third-party data analytics service providers collect this information using cookies on our behalf in accordance with our instructions and in line with their own privacy policies. Our service providers may collect the following data about the way you use our Site, which will almost always be anonymised and aggregated before reporting back to us:
If you wish to limit or reject cookies associated with our website you can do this in your browser settings. Please be aware that by choosing to limit or reject cookies from our website may you may not be able to use or benefit from certain features, particularly the features designed to personalise your experience.
Changes to our policy & future processing
This Privacy Statement was last updated on 10.12.2024 and is reviewed every 6 months, or upon changes to relevant Data Protection Legislation being published, whichever is sooner.
We do not intend to process your personal information except for the reasons stated within this Privacy Statement. We reserve the right to update this Privacy Statement from time to time. Where appropriate, we shall contact you to notify you of any material changes to the Privacy Statement. You should also refer to our website periodically so that you may access and view our updated Privacy Statement. This will ensure that you understand how we are using your personal data and your legal rights around our usage of such personal data.
If you have any questions or concerns regarding our data protection or privacy policies, please contact us at info@dietsdebunked.co.uk and we will be happy to respond to any concerns.
Should you still have concerns about the way in which we manage your personal data then you should contact the relevant supervisory authority, which in the UK is the Information Commissioner’s Office: Contact us | ICO
Kate Hilton, Registered Dietitian. HCPC number: DT31087 BDA number: 19187
©Copyright. All rights reserved.
We need your consent to load the translations
We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.