Name: Ruth Mathews trading as Nutrition4life
Address: Calle Carretera 39, Guadiaro, 11311 Cadiz, Spain
Telephone: 0034 635 790054
As a nutrition coaching client you entrust your coach with personal and possibly sensitive information. We understand how important it is for you to be confident that this information is confidential and secure.
This policy applies to all personal data gathered from our website, from email or social media interactions, from signing up to our events (online and in-person), from consultations (whether face to face or via video-conferencing), and to personal data provided by you in written form.
You are encouraged to read this policy carefully. Please do not hesitate to contact us with any questions or concerns about our privacy practices.
What type of personal information do we collect?
We collect the following types of personal client information: name, age, address, contact details (telephone and email), relevant medical history, lifestyle details, food related history, bank details.
How is this personal data collected?
Most of the personal information we process is provided to us directly by you in order that we can provide you with nutrition coaching services and receive payment for those services. Contact with your GP or another health professional may be required in certain circumstances but we expect this information would also be collected through you.
We do not expect to receive any personal information about you from indirect sources.
How do we use personal information?
Information relating to your health (weight, medical history, BMI, food intake, activity levels, lifestyle information) is used to inform your coaching sessions and help you to make and monitor progress.
Contact information may be used for delivering marketing communications regarding Nutrition4Life’s coaching services or for passing on other relevant content to you. You can opt out of this whenever you wish; contact us in writing and we will remove you from our mailing list.
Contact information will also be used for invoicing or receipts.
What legal basis do we have for processing your personal data?
Under data protection legislation the lawful bases we rely on for processing your personal data is contractual obligation for fulfilling nutrition coaching services, and consent for marketing communications and any health data that is special category information.
When do we share personal data?
We will treat your personal data confidentially. It will not be shared with or disclosed to any third party without your prior consent.
Where do we store and process personal data?
Your information is securely stored.
Paper records may be made during consultation but are then scanned and saved electronically and the paper copy destroyed. For the brief period they exist they are kept securely and are only accessible by Nutrition4life.
Data is digitally stored on a password-protected, encrypted laptop with third-party security software on MS One Drive. MS One Drive is part of MS 365 which is subject to advanced protection. More information can be found here: MS 365 security information
Where data is accessed through a mobile phone, the device is face-ID protected. Access to the data is restricted to only those who need it to provide you with nutrition coaching services.
How long do we keep your personal data for?
We keep your coaching records for 2 years after the end of your coaching arrangement. This is to allow for the maintenance of a full record of the coaching should you pause and re-start the process, and also enables us to process any complaint you may make.
Prior to deleting your personal data you will be contacted to give you the option of extending the retention period by 1 year. If you consent we will keep your data and contact you each year to refresh consent.
At the end of the retention period we will permanently delete your personal data from any devices and from One Drive.
If you wish your personal data to be deleted at any point prior to the end of the retention period please contact us in writing.
Your data protection rights:
Under data protection law you have rights including:
Your right of access – You have the right to ask us for copies of your personal information.
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances, or to withdraw consent if that is the basis for processing.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us using the following details if you wish to make a request:
0034 635 790054
Calle Carretera 39, Guadiaro, Cadiz 11311.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at the contact details above.
You can also complain to the relevant agency in the jurisdiction where you are resident e.g. the Agencia Española de Protección de Datos (www.aepd.es/) in Spain, the Gibraltar Regulatory Authority (www.gra.gi/data-protection) in Gibraltar or the Information Commissioner’s Office (www.ico.org.uk/for-the-public/) in the UK.
Linking to other websites / third party content
There may be links from our website to external sites and resources. These are provided for interest and information and we do not take any responsibility for the content or information contained within.