When you purchase spinegym.com, we process specific personally identifiable data to help us function firstly as an online e-commerce business, and secondly in order to inform, improve and create the best possible experience we can for our users.
At SpineGym, we are 100% committed to protecting your privacy and security.
1. What we collect
There are several scenarios in which personal data is collected and used by SpineGym.
Firstly, for the purpose of notifying individuals on the processing, completion and sending of orders and transactions; recording order history within our CMS platform, which would include name, email, address information and telephone numbers. Such order histories include total number of orders made, their recipients and subsequent address information. Therefore, this information is pursuant to the function and running of spinegym.com as well as general website administration.
Secondly, personal data may be collected, though only on the basis of voluntary permission from the individual, for the purpose of informing individuals about offers, promotions and updates. This is primarily for marketing purposes. Individuals may choose not to receive this information by logging into their accounts and unsubscribing from this material, or selecting which material they would like to receive. If an individual would like to receive sales and promotional material at the registration or newsletter sign up stage, the relevant boxes must be ticked.
Thirdly, we use third party software, such as Pixel Tags, for the purpose of paid marketing advertising, monitoring website usage, as well as looking at traffic patterns in order to improve the website experience. *See section on cookies below. Such third party pixel tags include Google Analytics, AdWords, Bings Ads and Facebook. Sometimes, you may notice ads that are relevant to websites you have visited previously. These are known as “remarketing ads”. These ads are triggered from anonymous cookies and are controlled by third party platforms such as Google AdWords. Should you not want to be tracked via Google Analytics, use the official Google Analytics “opt-out” browser plugin.
2. How your data is handled, processed and held
Your personally identifiable data is held digitally within three key locations: firstly, the website CMS, which uses a secure cloud-based server and is accessible only to authorised individuals with the organisation; secondly, a USA-based EU-certified ESP (email service provider) system which uses PRIVACY SHIELD-LEVEL protection, and thirdly our ERP system.
With regards to marketing purposes, and aside from information required to send products to recipients, personally identifiable information will only be used based on the DOUBLE-OPT-IN consent of an individual wishing to receive offers, promotions and any other sales-related information i.e. via email marketing. This is done by selecting the appropriate options either at the newsletter sign up stage, the checkout stage, or within an account created by the individual, agreeing with terms and conditions, and then receiving an email to confirm submission to the marketing mailing list.
Personal data opted-in to receive marketing material is passed on to our fully compliant and secure third party email service provider (ESP). This U.S-based software is certified to EU-U.S. PRIVACY SHIELD FRAMEWORK, allowing data to securely be transferred to MailChimp.
This software contains personal data with regards location, name, address, products purchased and order history. Any individual wishing to erase completely their information from our email service provider can do so by contacting us via email@example.com. Records of consent are kept and can be requested at any time by contacting us using the following email address: firstname.lastname@example.org. Any request to portability (see below) of their details can request a copy of their order histories in a readable format.
We would like to note that your personal information is treated with the utmost regard and is never sold, traded or rented to any third party companies or organisations.
3. Your rights under GDPR legislation
You have the right to access, change or alter any of the personal data we hold on you. Should you want access to this information, please send a request to our Head Office using the following email address email@example.com quoting “Security and Privacy Enquiry” or use the address at the bottom of this statement. Your full data rights under GDPR are explained below.
4. Your rights and control over personal data
In accordance with GDPR best practice, you have the following rights concerning your personal data:
Your right to be forgotten
Should you wish to request deletion of all your data from our systems, please do so by contacting us by sending an email to spinegym.com and state if you want to remove all and / or the following information:
1. Transaction data in terms of your address and order information.
2. Your personal information regarding email marketing material.
3. All of the above.
Your right to object
Should you object at any time with regards to the processing of your personal i.e. marketing purposes which would, for instance, target based on product preferences, (the primary reason for processing), we will respect your requirement to do so.
Your right to rectification
Should you notice any inaccuracies with your data, you have the right to rectify or change your data, update your preferences and erase (see point 1 above), if necessary. This can either be done in your account, or you can contact us to make the necessary changes for you.
Your right of access
Should you require access to your personal data, this can provided within a period of one month form the initial request, as per GDPR law, and in a common readable format. Any excessive or repeated requests for data will be charged at £5 per request.
Your right of portability
Should you wish to request a copy of your order and account history, please contact us via firstname.lastname@example.org . We will provide this in a standard, easy-to-read format for ease of portability.
5. Is your data shared?
Your personal information is treated with the utmost respect and is never sold, traded or rented to any third party companies or organisations.
6. How are cookies used on our website?
Should you wish to turn of these cookies, you can do so by clicking on the cookie banner and / or changing the following browser settings:
Go to Tools > Options > Privacy > Cookie > adjust cookie settings
Go to Tools > Internet Options > adjust cookie settings
Go to Tools > Settings > Privacy and Security > Content Settings > Cookies > adjust cookie settings.
7. Contacting us
Should you have any queries regarding the data we have, how we process it and / or a copy of your personal data, please contact us at the following address:
Handsome Healthcare Limited
Unit 6, Oakfield Trading Estate
Or send an email to email@example.com
8. List of cookies we may collect
The table below lists the cookies we collect and what information they store.
COOKIE NAME Cookie Description
FORM_KEY Stores randomly generated key used to prevent forged requests.
PHPSESSID Your session ID on the server.
GUEST-VIEW Allows guests to view and edit their orders.
PERSISTENT_SHOPPING_CART A link to information about your cart and viewing history, if you have asked for this.
STF Information on products you have emailed to friends
MAGE-CACHE-SESSID Facilitates caching of content on the browser to make pages load faster.
MAGE-CACHE-STORAGE Facilitates caching of content on the browser to make pages load faster.
MAGE-CACHE-STORAGE-SECTION-INVALIDATION Facilitates caching of content on the browser to make pages load faster.
MAGE-CACHE-TIMEOUT Facilitates caching of content on the browser to make pages load faster.
SECTION-DATA-IDS Facilitates caching of content on the browser to make pages load faster.
PRIVATE_CONTENT_VERSION Facilitates caching of content on the browser to make pages load faster.
MAGE-TRANSLATION-FILE-VERSION Facilitates translation of content to other languages.
MAGE-TRANSLATION-STORAGE Facilitates translation of content to other languages.
In order to be able to offer you Klarna’s payment options, we will pass to Klarna certain aspects of your personal information, such as contact and order details, in order for Klarna to assess whether you qualify for their payment options and to tailor the payment options for you.