The Information We Collect
This notice applies to all information collected or submitted on the Illuminated Health website or in person when receiving a service. On some pages, you may be able to order products, leave comments, register for classes, workshops, or other services, or register to receive materials. The types of personal information collected on these pages are:
Address (if applicable)
Birthday (if applicable)
Contact telephone number (if applicable)
Web site (if applicable)
Credit Card Details (if applicable)
Short biography or personal information (if applicable)
Health information including your previous medical history, dietary, lifestyle, supplement and medicine details, biochemical test results, clinic notes and health improvement plans
The Way We Use Information
We use the information you provide about yourself when making an order only to complete that order. We do not share this information with outside parties except to the extent necessary to complete that order.
We use return email addresses to answer the email we receive. Such addresses are not used for any other purpose and are not shared with outside parties.
You can register on our website if you would like to receive our newsletters or if you would like to get in touch with someone from our team. Information you submit on our website will only be used for what you have registered for. If you do register, then we require your real name, and your email address. If you choose to leave a comment, you can choose to identify yourself using a nickname, but you must supply an email address. You can choose to provide additional information about yourself that will form a publicly visible profile of you.
We undertake at all times to protect your personal data, including any health and contact details, in a manner which is consistent with our duty of professional confidence and the requirements of the General Data Protection Regulation (GDPR) concerning data protection. We will also take reasonable security measures to protect your personal data storage.
We use non-identifying and aggregate information to better design my website and to share with advertisers. For example, we may tell an advertiser that X number of individuals visited a certain area of our website, but we would not disclose anything that could be used to identify those individuals.
Finally, we never use or share the personally identifiable information provided to us online in ways unrelated to the ones described above without also providing you an opportunity to opt-out or otherwise prohibit such unrelated uses.
Do You Share my Information with Other Organisations?
We will keep information about you confidential. We will only disclose your information with other third parties with your express consent with the exception of the following categories of third parties:
- Any contractors and advisors that provide a service to us or act as our agents on the understanding that they keep the information confidential
- Anyone to whom we may transfer our rights and duties under any agreement we have with you
- Any legal or crime prevention agencies and/or to satisfy any regulatory request, if we have a duty to do so or if the law allows us to do so.
If you are client of Illuminated Health Ltd, we may share your information with supplement companies and biochemical testing companies as part of providing you with direct healthcare. We will not include any sensitive information and this will only take place with your consent.
We will seek your express consent before sharing your information with your GP or other healthcare providers. However if we believe that your life is in danger then we may pass your information onto an appropriate authority (such as the police, social services in the case of a child or vulnerable adult, or GP in case of self-harm) using the legal basis of vital interests.
We may share your case history in an anonymised form with our peers for the purpose of professional development. This may be at clinical supervision meetings, conferences, online forums, and through publishing in medical journals, trade magazines or online professional sites. We will seek your explicit consent before processing your data in this way.
We also use third party applications for sending out our newsletters, for our Customer Relationship Management, and for managing online payments as well as other matters pertaining to business. All third party applications we use are in accordance with GDPR.
How You Can Access Or Correct Your Information
Every individual has the right to see, amend, delete or have a copy, of data held that can identify you, with some exceptions. You do not need to give a reason to see your data. You can access all the personally identifiable information that we collect when you register with our website by logging into the website and viewing your profile (which you can update yourself).
You can correct factual errors in your other personally identifiable information by sending us a request that credibly shows error. To protect your privacy and security, we will also take reasonable steps to verify your identity before granting access or making corrections.
If you sign up to our newsletter we will collect your name and email address. We may periodically send promotional emails about new products, special offers or other information, which we think you may find interesting using the email address that you have provided. Your email address is secure and will never be passed to third parties. If you have previously agreed to us using your personal information for marketing purposes, you may change your mind at any time by simply unsubscribing. All information stored is in compliance with the Data Protection Act and GDPR.
We shall respond within 20 working days from the point of receiving the request and all necessary information from you. Our response will include the details of the personal data we hold on you including:
- Sources from which we acquired the information
- The purposes of processing the information
- Persons or entities with whom we are sharing the information
You have the right, subject to exemptions, to ask to:
- Have your information deleted
- Have your information corrected or updated where it is no longer accurate
- Ask us to stop processing information about you where we are not required to do so by law
- Receive a copy of your personal data, which you have provided to us, in a structured, commonly used and machine readable format and have the right to transmit that data to another controller, without hindrance from us.
- Object at any time to the processing of personal data concerning you
We do not carry out any automated processing, which may lead to automated decision based on your personal data.
If you would like to invoke any of the above rights then please write to the Data Controller at email@example.com
Our Commitment To Data Security
We only use information that may identify you in accordance with GDPR. This requires us to process personal data only if there is a legitimate basis for doing so and that any processing must be fair and lawful.
Within the health sector, we also have to follow the common law duty of confidence, which means that where identifiable information about you has been given in confidence, it should be treated as confidential and only shared for the purpose of providing direct healthcare. We will protect your information, inform you of how your information will be used, and allow you to decide if and how your information can be shared.
We also ensure the information we hold is kept in secure locations, restrict access to information to authorised personnel only, protect personal and confidential information held on equipment such as laptops with encryption (which masks data so that unauthorised users cannot see or make sense of it). We ensure external data processors that support us are legally and contractually bound to operate and prove security arrangements are in place where data that could or does identify a person are processed.
Illuminated Health Ltd is registered with the Information Commissioner’s Office (ICO) as a data controller and collects data for a variety of purposes. A copy of the registration is available through the ICO website by searching for Illuminated Health Ltd.
Data Protection Notice
Illuminated Health Ltd processes and stores personal data in accordance with the requirements of the Data Protection Act 1998 and also in accordance to GDPR. Any personal information supplied will be used primarily in answering inquiries, providing services or fulfilling any contractual obligations. Where necessary, consequent upon the way we organise our business, personal data may also be used for operational and administrative purposes. Personal data will not be released to non-associated third parties unless there is a legal or regulatory reason to do so or unless the third party fulfils a service on our behalf.
We will not store personal data longer than is reasonably necessary. If you do not wish us to store personal information regarding you please contact the Data Controller at Illuminated Health Ltd, 34 Blagrove Crescent, Ruislip, HA4 8FS or by sending an email to: firstname.lastname@example.org
How To Contact Us
Should you have other questions or concerns about these privacy policies you can contact our Data Protection Officer by email: email@example.com or by calling us on +44 1895 602695