WE CAPTURE INFORMATION ABOUT YOU IN ORDER TO IMPROVE YOUR EXPERIENCE OF THE FITSIX COMMUNITY.
To help us give you more of what you love, we capture information about you in order to improve your experience of the Fitsix Community.
We are Fitsix Ltd, PO BOX 4888, Windsor, SL4 9EY, United Kingdom. Our Data Protection Officer is Keith Atkinson and is contactable via firstname.lastname@example.org
This notice is to inform you about how we collect and protect any personal information you provide to us and how you can control what personal information we collect from you and what we do with it. It sets out how we intend to use your information, who we will share it with and what rights you have about use of your information.
This notice applies however you provide personal information to us, whether you go online to our websites, contact us via social media, visit our events and stores , enter competitions, engage in research activities or whether you telephone, email, write to or text us.
WHAT PERSONAL DATA DO WE COLLECT?
We may collect the following information about you:
- your name, age/date of birth, gender and other relevant demographic information;
- your contact details: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and email address;
- your social media handles;
- purchases and orders made by you;
- your online browsing activities on any of our websites including which items you store in your shopping cart;
- information about the device you use to browse our websites including the IP address and device type;
- your communication and marketing preferences;
- your interests, preferences, feedback, competition and survey responses;
- your location;
- your correspondence and communications with us; and
- other publicly available personal data, including any which you have shared via a public platform (such as Instagram, YouTube, Twitter or public Facebook page).
This list is not exhaustive and in specific instances, we may need to collect additional data for the purposes set out in this Notice. Some personal data is collected directly, for example when you set up an online account on our website or send an email to our Customer Support team, email@example.com. Other personal data is collected indirectly, for example when you browse our websites or undertake online shopping activity. We may also collect personal data from third parties who have your consent to pass your details to us, or from publicly available sources. We may anonymise and aggregate personal data for insight and research but this will not identify anyone.
Our websites are not intended for children and we do not knowingly collect data relating to children.
HOW WE USE YOUR DATA
We use your personal data:
- to provide goods and services to you;
- to make a tailored website available to you;
- to manage any account(s) you hold with us;
- to verify your identity;
- for crime and fraud prevention, detection and related purposes;
- with your agreement, to contact you about promotional offers, events, products and services which we think may interest you;
- to show you promotional communications through online media as you browse the web;
- for analysis, insight and research purposes - to better understand your needs and ensure we are giving you what you want;
- to identify and contact competition winners;
- to enable us to manage customer service interactions with you; and
- where we have a legal right or duty to use or disclose your information (for example in relation to an investigation by a public authority or in a legal dispute).
To ensure you are kept up to date with the Fitsix experience, we use personal data for marketing purposes and may send you postal mail, texts and/or emails to update you on the latest offers and events. We may also show you online media communications through external social media platforms such as Facebook and Instagram and external digital advertisers such as Google.
You have the right to opt out of receiving promotional communications at any time, by:
- informing us that you wish to change your marketing preferences by contacting our customer support team at firstname.lastname@example.org
- making use of the simple “unsubscribe” link in emails or the “STOP” number for texts; and/or
- contacting our Data Protection Officer via email at email@example.com, or by post to the Data Protection Officer, Fitsix Ltd, PO BOX 4888, Windsor, SL4 9EY, United Kingdom
This may not stop service messages such as order updates.
Personalisation and Automated Decision Making
If you visit any of our websites, you may receive personalised banner advertisements whilst browsing websites of other companies. Any banner advertisements you see will relate to your browsing activity on our website from your computer or other devices.
We may collect data directly from you, as well as analysing your browsing and purchasing activity online and your responses to marketing communications. The results of this analysis, together with other demographic data, allow us to ensure that we contact you with information on products, services, events and offers that are tailored and relevant to you. To do so, we use software and other technology for automated decision making. We may do this to decide what marketing communications are suitable for you and this activity is based on our legitimate interests to develop and improve our products and services.
Also to provide more personalised services and experiences, we may review data held by external social media platform providers about you, for example, details on your Twitter or Facebook profiles that you have chosen to make publicly accessible such as your name, date of birth. Some of our services enable you to sign-in via external social media platform providers such as Facebook. If you choose to sign-in via a third party app, you will be presented with a dialog box which will ask your permission to allow us to access your personal information (e.g. your full name, date of birth, email address and any other information you have made accessible).
We aim to update you about products and services which are of interest and relevance to you as an individual. To help us do this, we process data by profiling and segmenting, identifying what our customers like and ensuring messages we send them are relevant based on their demographics, interests, purchase behaviour, online web browsing activity and engagement with previous communications. We may also use your data to exclude you from communications which we feel are irrelevant to you. For example, we may exclude someone from resends of marketing emails when we know that person has already opened the original email sent.
Another example of how we may tailor our communications with you is that we may group individuals with similar interests using this data so we can send them product news or promotional offers that are relevant to that shared interest.
You have the right to opt out of any automated processing, including profiling, at any time by:
- informing us that you wish to opt out of automated processing by contacting our customer support team at firstname.lastname@example.org and/or
- contacting our Data Protection Officer via email to email@example.com, or post to Data Protection Officer, Fitsix Ltd, PO BOX 4888, Windsor, SL4 9EY, United Kingdom
SHARING DATA WITH THIRD PARTIES
Our service providers and suppliers
In order to make certain services available to you and to help us better understand your preferences, we have partnered with certain trusted third parties including logistics and marketing service providers. We may need to share your personal information with some of our service partners. We only allow our service providers to handle your personal information when they have confirmed that they apply appropriate data protection and security controls. We also impose contractual obligations on service providers relating to data protection and security, which mean they can only use your information to provide services to us and to you, and for no other purposes. We may provide outside companies with aggregated and anonymised information and analytics about our customers but that would never identify you and we will never sell or rent your personal information to other organisations for any purposes.
To help you understand which partners we share data with, here are the types of companies with whom we share data in order to provide and promote our goods and services:
|External Service Provider||Reason for sharing your data||Example|
|Companies that help us provide our goods to you including providers of ecommerce platforms and payment, logistics, delivery, courier and returns management services.||We have help from outside organisations in order to ensure we can provide our products and services to you.||Making sure that the courier knows where to deliver your order.|
|Companies that help us provide a better Fitsix experience tailored to you including providers of intelligence tools and social media platforms, providers of website hosting, marketing and advertising services and organisers of discount and loyalty schemes.||We want to make sure that we are always relevant, completely understand you and give you the best customer journey to ensure we can tailor your experience, reach you in the platforms you enjoy using and save you time.||
Using information about your previous purchases and what you store in your shopping cart to show you, through channels such as social media or emails, product recommendations and let you know when new products release.
The optional use of sign in for our website through external site operators such as Facebook and Student Beans.
Understanding the device that you use to browse our websites to improve your shopping experience.
|Fraud Prevention agencies.||To help tackle fraud we pass data through fraud prevention tools operated by external companies.||Validating your details when you make a purchase on our website.|
Other third parties
We may also share your data with:
- other companies within our group;
- to purchasers, investors, funders and advisers if we sell our business or assets or restructure whether by merger, re-organisation or otherwise;
- our legal and other professional advisers, including our auditors;
- credit reference agencies where necessary for card payments;
- governmental bodies, regulators, law enforcement agencies, courts/tribunals and insurers where we are required to do so: -
- to comply with our legal obligations and the administration of justice;
- to exercise our legal rights (for example in court cases);
- for the prevention, detection, investigation of crime or prosecution of offenders; and
- for the protection of our employees and customers.
LEGAL BASIS FOR USING DATA
We are required to set out the legal basis for our processing of your personal data.
We collect and use customers’ personal data:
- as necessary to perform our contract with you:
- for the purposes of complying with our duties and exercising our rights under a contract for the sale of goods or services to a customer;
- for the purposes of complying with our duties and exercising our rights under a contract for the sale of goods or services to a customer;
- as necessary for the pursuit of our legitimate interests, including:
- selling and supplying goods and services to our customers;
- promoting, marketing and advertising our products and services;
- sending promotional communications which are relevant and tailored to individual customers (including administering loyalty schemes);
- to identify and contact competition winners;
- understanding our customers’ behaviour, activities, preferences, and needs;
- improving existing products and services and developing new products and services;
- protecting customers, employees and other individuals and maintaining their safety, health and welfare;
- good governance, accounting and managing and auditing our operations and complying with our legal and regulatory obligations;
- preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies;
- handling customer contacts, queries, complaints or disputes;
- protecting our company, its employees and customers, by taking appropriate legal action against third parties who have committed criminal acts or are in breach of legal obligations to us;
- handling any legal claims or regulatory enforcement actions taken against us; and
- fulfilling our duties to our customers, colleagues, shareholders and other stakeholders;
- as necessary for complying with our legal obligations including:
- where you exercise your rights under data protection laws
- for compliance with legal and regulatory requirements;
- to establish or defend legal rights;
- based on your consent for example in relation to sending direct marketing communications via email or text message.
You have the right to withdraw consent at any time. Where consent is the only legal basis for processing, we will cease to process data after consent is withdrawn.
Section 3: Disclosure
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
Section 4: Shopify
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
Section 5: Third-Party Services
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
Section 6: Security
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
Section 7: Cookies
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
Section 8: Age of Consent
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
Section 10: Google Analytics
Fitsix Ltd use Google Analytics for marketing purposes. The Google Analytics Advertising Features that Fitsix use are: Adsense, Adwords, Ad Exchange, Big Query, DoubleClick Bid Manager, DoubleClick Campaign Manager, DoubleClick Search, Google Play, Postbacks, Search Console. You can opt-out of the Google Analytics Advertising Features, including through Ads Settings, Ad Settings for mobile apps, or any other available means (for example, the NAI's consumer opt-out) by clicking here: currently available opt-outs or by visiting: https://tools.google.com/dlpage/gaoptout/
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
Questions and Contact
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information, please contact our Privacy Compliance Officer at: firstname.lastname@example.org