Privacy Notice
1. Glossary of Terms and Definitions
Term | Definition |
Anonymisation | Means the process of removing direct personal identifiers that may lead to You being identified or re-identifiable. |
Anonymous Data | Means any information relating to You, a natural person, where You cannot be identified whether by the Data Controller or by any other person, taking account of all the means reasonably likely to be used either by the Data Controller or by any person to identify You. |
Consent | Means any freely given, specific, informed, and unambiguous indication of Your wishes by which You, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to You. |
Data Controller | Means a person or organisation who (alone or with others) determines the purposes and the manner in which any personal data are or are to be processed. |
Data Processor | Means a person or organisation that holds or processes personal data on the instructions of the Data Controller, but does not exercise responsibility for, or control over the personal data. |
Data Protection Laws | Means the different data protection legislations that Nutrigenix abides by. Such legislations stipulate the data protection standards that Nutrigenix must comply with to ensure that the privacy, confidentiality, and integrity of data isupheld. |
Data Subject | Means the individual to whom the personal data relates to. |
Data Transfers | Means the transfer of data from one jurisdiction to another. |
Encryption | Means the process of encoding information stored on a device and can add a further layer of security. It is considered an essential security measure where personal data is stored on a portable device or transmitted over a public network. |
Personal Data | Means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier. |
Processing | Means any operation or set of operations which is performed on personal data or on sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction. |
Pseudonymisation | Means the processing of personal data in such a manner that the personal data processed as such can no longer be attributed to the data subject without the use of additional information, provided that such additional information is kept separately and safely and is subject to the technical and organisational measures provided for herein to ensure that the personal data are not attributed to an identified or identifiable natural person. |
Rights Requests | Means specific rights that You may exercise depending on the jurisdiction You are based in and the maturity of the local data protection laws. Generally speaking, such legislation bestows on You several rights that You may exercise. |
Subject Access Request (SAR) | Means a request to receive a copy of Your data from Nutrigenix in an accessible, readily available, and legible format. Such requests are limited to information that is specific and limited to You. |
SupervisoryAuthority (SA) | Means the local data protection regulators who are responsible for overseeing data protection compliance within a given jurisdiction. Such regulators are responsible for the following:
– Monitoring and enforcing data protection compliance- – Prepare key guidance documents – Proposing and approving codes of practice – Investigate complaints made by data subjects – Preparing guidance
UAE: The competent national supervisory authority in the UAE is the Data Office. |
Third Party | Means an entity, whether or not affiliated to an organisation, that is in a contractual arrangement with Nutrigenix. These third-party relationships include, but are not limited to, activities that involve outsourced products and Services, use of independent consultants, networking and marketing services arrangements, merchant payment processing services, services provided by affiliates and subsidiaries, jointventures and other business arrangements where Nutrigenix has an ongoing relationship. |
2. Introduction
Nutrigenix – FZCO (referred to as “we”, “us”, “our” or “Nutrigenix” in this policy) primarily refers to all personalinformation that is collected and used about You for the purposes of the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data Protection (‘the PDPL‘).
Nutrigenix is registered in Dubai Silicon Oasis, Building: IFZA Properties, Premises No: DSO-IFZA.
This notice describes the personal data we collect, how it is used and shared, and Your choices regarding this data. Nutrigenix is the data controller for the personal data collected in connection with the use of Nutrigenix Services.
We at Nutrigenix respect and value the trust You have placed in us in handling Your personal information carefully and sensibly and we recognize the importance of secure transactions and information privacy.
This Privacy Policy describes our policies and procedures on the collection, use and disclosure of Yourinformation when You use the Service and tells You about Your privacy rights and how the same are protected.
3. Scope
This notice applies to Nutrigenix Services, online nutritional therapy coaching, questionnaires, website and other Products/Services (collectively, the “Services”) and through other interactions and communications You have with us.
4. Personal Information We Collect About You
4.1 Information That You Provide to Us
We collect information You provide directly to us through Your access or use of the Services, such as whenYou complete the Nutrigenix initial questionnaire with your personal, health and habit details, request on-demand Services, “Contact Us” support, or otherwise communicate with us.
4.2 Information We Collect Through Your Use of Our Services
When You use our Services, we collect personal information (i.e. information that could be used to contact Youdirectly such as full name, phone number, email, address, height and weight), health information (medical history, digestive tract profile and immune profile) and habit details (eating and sleeping habits).
We may collect data about the devices used to access our Services, including the hardware models, device IPaddress or other unique device identifiers, operating systems and versions, software, preferred languages, advertising identifiers, device motion data, and mobile network data.
5. Use of Your Personal Information
We use Your personal information for a variety of reasons. The table below illustrates such uses.
Category | Description |
Advertising and / or Marketing | Used to display or target ads, marketing communications, or measuring ads performance. |
Contact Information | Used to reach out to you in relation to our Services. |
Financial Information | Used to process payment relating to a Product and/or Service you have availed of with Nutrigenix. This may include credit and debit card information and banking account details. |
Fraud Prevention, Security and Compliance | Used for fraud prevention, security, or compliance with laws. |
Health or Fitness Related Information | Used to understand your current health and fitness status which may include information relating to Your exercise and activity levels, weight loss objectives, dietary preferences and other health and wellness information. |
Inferences About Your Interests, Preferences and Other Behavioural Data | Used to understand our Customers interests, hobbies behaviour and characteristics which may include information relating to favourite foods, purchases, or recipes, consuming tendencies and health and fitness information. All of which supports the personalised Nutritional Assessment that is designed for our Customers. |
Inquiry Information | Used to respond to any queries received from Potential and actual Customers of Nutrigenix. These include information provided in messages sent through forms or surveys, to our email addresses, or via phone. This also may include information provided when you sign up for our newsletters. |
Nutritional Assessment | Used to understand Your diet and habits to provide You with a customized and tailor specific nutritional therapy coaching and support. |
Quality and SatisfactionSurveys | To carry out and analyse quality and satisfaction surveys related to the Services provided by Nutrigenix. |
6. Disclosure of Your Information By Us
We only disclose Your personal information outside of Nutrigenix in limited circumstances. If we do, we will put in place appropriate controls and data sharing agreements that require recipients to protect Your personal information, unless we are legally required to share that information.
Any contractors or recipients that work for us will be obliged to follow our instructions. We do not sell Your personal information to third parties. We may disclose Your information to our third-party Service providers, agents, and subcontractors (Suppliers) for the purposes of providing Services to us or directly to You on our behalf.
When we use Suppliers, we only disclose to them any personal information that is necessary for them to provide their Services and only where we have a contract in place that requires them to keep Your information secure and not to use it other than in accordance with our specific instructions.
We take steps to ensure that any third-party partners who handles Your information comply with dataprotection legislations and protect Your information to the same extent that we do. We only disclose personalinformation which is necessary for them to provide the Service they are undertaking on our behalf. We will aim toanonymise Your information or use aggregated non-specific data sets where possible.
We attach a supporting Schedule with a list of the categories of third parties with whom we may share Your data.
Category of Third Party | Description of Service Provided | Lawful Basis for Processing |
Asset Purchasers | We may share Your personal information with any third party that purchases, or to which we transfer, all or substantially all of our assets and business. Should such a sale or transfer occur, we will engage best efforts to try to ensure that the entity to which we transfer Your personal information uses it in a manner that is consistent with this privacy policy. | Legitimate Interest |
IT Products and/or Service Providers | System based processing of personal details aspart of organisational/ operational requirements. e.g. cloud hosting Services; application development and support Services; IT Infrastructure Services; email Services; call recording Services. Help maintain the safety, security, and integrity of our Services and Your data. | Performance of a Contract |
Law Enforcement Agencies & Authorities | To assist law enforcement agencies for the purposes of preventing, detecting, investigating, or prosecuting criminal offences. | Legal Obligation |
To protect and defend the rights or property of Nutrigenix. To prevent or investigate possible wrongdoing in connection with the Service. To protect the personal safety of our Customers. To protect against legal liability. | Legitimate Interest | |
Courts, Regulators,and GovernmentAuthorities | We may share Your personal information with these parties where we believe this is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights or the rights of any third party. To investigate or address claims or disputes relating to the use of Nutrigenix Services, to satisfy requirements under applicable laws, regulations, or operating licenses or agreements, or pursuant to legal processor governmental request, including from law enforcement. | Legal Obligation |
Legal/Professional Advisors | The provision of business consulting, audit and legal Services including access to and analysis ofpersonal data as part of business initiatives,statutory audits, legal claims, and ad-hoc consultancy advice. | Performance of a Contract Legitimate Interest |
Other Uses | Provide, maintain, and improve our Services. Perform internal administration and operations, including, for example, preventing fraud and abuse of our Services. Send You communications we think will be of interest to You, including information about Services, promotions, news, and events of Nutrigenix, where permissible and according to localapplicable laws. Notify You about changes to our terms, Services or policies and other communications that aren’t for the purpose of marketing the Services of Nutrigenix. | Legitimate Interest Performance of aContract |
7. Cookies
A cookie is a small piece of data (text file) that a website deploys when visited by a Customer and asks Yourbrowser to store on Your device to remember information about You, such as Your language preference or login information. Nutrigenix deploys such cookies. Cookies that are set by us are referred to as “first-party” cookies.
We also use third-party cookies which are cookies from a domain different than the domain of the website You are visiting. Such cookies may be used for our advertising and marketing efforts.
There are other technologies which we deploy which track behaviour on our website. ‘Tracker Pixels’ are a means of allowing us to check whether You have viewed our content. These “pixels” are essentially tiny, invisible images on our web pages that, once loaded, will communicate Your interaction with our content. Thisallows us and our partners to gauge the validity of material being presented to You.
We use third-party technologies across our site. These technologies help us to understand how You use the site and the ways in which we can improve Your Customer experience. These technologies may track certaininformation such as the pages You visit across our site as well as how long Your visit lasts. This allows us to continue providing engaging content.
We also use social media plugins on this site that allow You to view videos and otherwise interact with certain content. For these technologies to work, trusted third parties will set cookies and tracker pixels throughout oursite. Once enabled, these technologies may be used to enhance Your profile or to contribute to the data they hold for various purposes outlined in their respective privacy policies. For any third-party technology used on our site, we will provide a link to that third-party’s respective cookie/privacy policy for Your information. We encourage our visitors to review these policies in advance of granting consent to deployment.
For each visitor to our site, we automatically gather certain potentially identifying information and store it. Thisinformation includes Tour Internet Protocol (IP) address, Your browser type, internet service provider (ISP),referring/exit pages, Your operating system, date/time stamp, processor or device serial number, unique deviceidentifier, and clickstream data. We collect this information on an individual basis and in aggregate, or combined form.
8. International Data Transfers
Your personal information may be stored or processed in any country where we have our facilities or where in which we engage Service providers and subcontractors.
We have put in place appropriate safeguards in accordance with the applicable legal requirements to ensure that Your data is adequately protected.
9. What Are Your Rights?
You have certain rights in respect of Your personal data, and we have processes to enable You to exercise these rights. Your rights are as follows:
- Right to Access (also known as a ‘Subject Access Request’): You have the right to obtain confirmation asto whether we process personal data about You, receive a copy of Your personal data held by us, andobtain certain other information about how and why we process Your personal data.
- Right to Rectification: You have the right to request for Your personal data to be amended or rectifiedwhere it is inaccurate (for example, if You change Your name or address) and to have incomplete personal data completed.
- Right to Erasure (also known as ‘the Right to be Forgotten’): You have the right to deletion of Your personal data.
- Right to Object: You have the right to object to our processing of Your personal data.
- Right to Data Portability: You have the right to request for Your personal information to be prepared and arranged and sent to another organisation (or ask us to do so if technically feasible).
- Right to Withdraw Consent: Where we process personal data based on consent, You have a right to withdraw Your consent at any time. To do so, please use the contact details below in the “How to Contact Us” section.
- Right to Lodge a Complaint with a Supervisory Authority: We sincerely hope that You will never needto, but if You do want to complain about our use of Your personal data, please get in touch with the relevant supervisory authority using the contact details set out below.
You may lodge a complaint with the supervisory authority in Your country of residence, place of work or the country in which an alleged infringement of data protection law has occurred. The contact details ofthe competent national supervisory authority, the Data Office (UAE) are as follows:
UAE Data Office
Website: https://u.ae/en/about-the-uae/digital-uae/data/data-protection-laws
Please note, all rights are subject to qualifications and limitations. In other words, there may be instances andjustifiable grounds to deny any request where we are required or permitted by law to do so. We will always be clear and communicate this to You if and when these instances arise.
10. General Manager
In case You have any queries, concerns, or complaints with regard to the above Policy or the manner in which we process Your data, please contact our General Manager at the below mentioned contact details and we will make our best effort to resolve it.
Name: Katarina Sanitrova
Email: info@nutrigenxco.com
11. How Long Do We Store Your Information For?
We will keep Your personal information for as long as we have a relationship with You. Once our relationship with You has come to an end, Your personal information may be retained for an extended period of time where we are required to do so such as:
- To maintain business records for analysis and/or audit purposes
- To comply with record retention requirements under applicable laws
- To defend or bring any existing or potential legal claims
We will delete Your personal information when it is no longer required for these purposes.
If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the data.
12. Updates to This Policy
We may occasionally update this notice. If we make significant changes, we may notify You in advance of the changesthrough the Nutrigenix website or through other means, such as email. We encourage You to periodically review this notice for the latest information on our privacy practices.