Privacy and Cookies Policy

Effective Date: 25/05/2018

1.    Handling controller

The handling controller for the User's data is the company NOOTRIC, S.L. (hereinafter ‘‘NOOTRIC”), C/ Príncipe de Vergara 57, A, 1ºB, 28006 Madrid, Spain with tax ID number B-66690280, phone number 900 804 526 and email address support@nootric.co.uk

 

2.    Purpose of data handling

NOOTRIC shall only have access to the personal data in the databases it controls for the purposes of (a) providing nutritional guidance services to the user and (b) responding to requests from the user and keeping them up to date, including by electronic means, on NOOTRIC products and services. NOOTRIC shall not use or apply them for any other purpose.

Nevertheless, taking this purpose into account, a 'commercial profile' shall be drawn up from the information provided. These profiles shall not be used for any automated individual decision-making.

 

             2.1. Safekeeping of data

The personal data provided shall be stored unless the user to which it pertains requests it be erased or, when appropriate, for the duration of the commercial relationship between the parties from the latest confirmation of the User's interest, after which it must be destroyed or returned to the User. Any media or documents containing personal data subject to handling must be dealt with in the same manner. All notwithstanding any legal provisions that require certain data to be saved or cases in which said data would be useful if any claim were to be lodged as a result of the services commissioned.

 

3.    Legitimate handling of data

The legal basis of the handling of the User's data is (a) the contractual relationship between NOOTRIC and the User to provide nutritional guidance services and (b) express consent to keep the user up-to-date, including by electronic means, on our products and services. Nevertheless, this purpose is not dependent on consent for data not required for said purpose.

 

4.    Recipients

The User expressly authorises their data be transferred whenever there is a legal requirement to do so, as NOOTRIC shall not transfer data to third parties under any other circumstances.  

 

5.    Exercising rights

Users may exercise the following rights, as laid out in the GDPR regarding the handling of personal data:

§  Right to request access to the personal data pertaining to the user in question.

  • Right to correct or erase data.
  • Right to limit handling.
  • Right to oppose to the handling.
  • Right to portability of the data.
  • Right to not be subject to automated individual decision-making.

These rights may be exercised in writing to NOOTRIC, S.L. (hereinafter ‘‘NOOTRIC”), C/ Príncipe de Vergara 57, A, 1ºB, 28006 Madrid, Spain and email to support@nootric.co.uk. In either case, the user in question must provide a copy of their national ID card, passport or other valid forms of photo ID. Communication must be made immediately and under no circumstances beyond the first business day after receiving the request, along with, when applicable, any other information that may be pertinent in addressing the request.support@nootric.co.uk

Likewise, we inform you that you may exercise your rights with the competent authority. In this case, the Spanish Data Protection Agency (AEPD), at Calle Jorge Juan, nº6, 28001 Madrid.

 

6.    Security measures and levels

NOOTRIC has adopted the measures necessary to ensure the required level of security, depending on the nature of the personal data handled and the circumstances of the handing, in order to prevent any alteration, loss, mishandling or unauthorised access, to the extent possible and in line with the state of technology.

Likewise, NOOTRIC ensures it has implemented measures to: 

  1. Guarantee the confidentiality, integrity, availability and resilience of the handling systems and services at all times.
  2. To restore availability and access to personal data quickly in the case of physical or technical incident.
  3. To regularly verify, evaluate and assess the efficacy of the technical and organisational measures implemented to ensure the handling security.
  4. To pseudonymise and encode personal data, when applicable.

 

7.    Scope

The data handling structure, equipment and information systems required to comply with current data protection regulations shall be applied to all handling, whether temporary or permanent, controlled by NOOTRIC containing personal data, as well as to any equipment or information system handling said files.

 

8.    User consent

The user hereby states they have read and expressly accept this Privacy policy in registering with NOOTRIC, granting their express, unequivocal consent to NOOTRIC to handle their data for the purposes and services expressed herein.

The User expressly authorises their data be transferred to third parties so NOOTRIC can carry out the purposes established in this privacy policy. If the User provides NOOTRIC with personal data pertaining to third parties, the User hereby declares that said data is truthful and that they have notified, and been granted consent by the third parties whose data they are providing, that their data shall be handled by NOOTRIC under the same terms of which the User has been notified and has granted consent to in this privacy policy.

 

9.    Maintaining the contractual relationship

The personal data provided by users shall be used for the purpose of providing nutritional guidance aimed at improving the health and wellbeing of the individuals in question through personalised, truthful, free and independent information from a professional.

 

10.  Commercial and promotional information

The personal data provided on this form shall be handled by NOOTRIC in order to notify you of NOOTRIC business contents and commercial communications.

 

11.  Confidentiality and professional secrecy

The data collected in private communications between NOOTRIC and its clients or Users will be handled with the strictest of confidentiality, with NOOTRIC committing to the obligation of secrecy with regard to personal data, its duty to store it and adopt the necessary measures to prevent it from being altered, lost or handled or accessed without authorisation, as per the provisions of the applicable regulations on Security measures for automatised handling containing personal data.

Moreover, information of any type exchanged by the parties, that which the parties agree is such and that merely referring to the content of said information shall also be considered confidential. Viewing data online shall not entail direct access to said data, except with express consent from the person to which it pertains on each occasion.

 

 

12.  Changes to the data protection and security policy

NOOTRIC reserves the right to modify this data protection and security policy in order to adapt it to new laws or rulings, or any changes derived from current codes on the subject, or due to strategic corporate decisions. Said changes shall go into force on the date on which they are published on the Website. Therefore, we recommend reading this Privacy policy periodically. When the changes instated affect issues of particular importance, users shall be notified individually. 

 

13.  Data communication by the User

Before providing the Website with personal data pertaining to third parties, the User must obtain their express prior consent, having notified them of the terms of this privacy policy. The User undertakes to hold NOOTRIC harmless of any possible claims, fines or penalties that may arise as a result of the User's failure to comply.

 

14.  Minors

Anyone under 16 years of age may not use the services available on the Website, nor provide any information without permission from their parents, guardians or legal representatives, who shall be solely responsible for any and all actions the minor takes on the Website, including filling out forms with the personal data of said minors. In this regard, and to the extent to which the data-handling controller cannot be sure whether or not users are minors, Users are hereby notified that parents and guardians must be the ones to implement any necessary measures to prevent minors from gaining access to the Website and/or providing personal data without supervision, with the data controller accepting no liability in this regard.

 

 

15.  What about cookies?

 

15.1 We and/or third parties use cookies and other tracking technologies on our website. A cookie is an identifier (a small file of letters and numbers) that is sent to your computer.  Our website’s functionality will be limited if you configure your browser to reject cookies.

15.2Cookies are widely used to make websites work, or work more efficiently, as well as to provide information to the website owner or others. Session cookies are temporary cookies that remain in the cookie file of your browser only until your browser is closed. They allow websites to link your actions during a browser session. Persistent cookies stay in the cookie file of your browser for longer (though how long will depend on the lifetime of the specific cookie). For further information on cookies, including how to use your browser to block them and how to delete cookies already stored on your device, visit: www.allaboutcookies.org.

15.3Cookies are used on this website for the following purposes:

a)             Session cookies: We use session cookies to enable the website to keep track of your movement from page to page and store your selections so you do not get asked repeatedly for the same information. These cookies allow you to proceed through many pages of the website quickly and easily without having to authenticate or reprocess each new area you visit. For example, the session cookie remembers your shopping cart selection so will have the items you selected when you are ready to check out. 

 

b)             Google cookies:  Persistent cookies (up to four years we believe) are set in connection with the following Google services on our site and these cookies may involve certain non-personally identifying information being sent to Google:

i)              Google Analytics (“GA”):We use cookies to recognise and count the number of website visitors as well as providing other information about the visit such as duration, route through the website and what sites the visitor came from. This information helps us to improve the way our website works, for example by making sure users find what they need easily. 

ii)             Google Adwords for conversion tracking: We use cookies to track sales and other conversions of a person that clicked an ad.

 

More information and opt out: Click herefor Google’s privacy policy and herefor more information about the kinds of cookies placed by Google. Click herefor information about how Google uses data from its partners’ sites or apps as well as how to opt out of Google cookies. 

 

c)             Livechat cookies: Livechat sets session and persistent cookies (up to one month) to identify a previously logged in user. Click here for details of these cookies.

 

d)             Miscellaneous cookiesWe place miscellaneous persistent cookies (up to 45 years) to manage various matters on our site such as language, marking pop ups as read and to record if a user marked a query as useful.

 

e)             Cookie-warning cookie: This cookie takes note of whether you are happy to accept cookies on this website based on your response to the message which appeared when you first visited the website. This persistent cookie will remember your preference for up to 45 years. 

 

15.4 By continuing to use our website, having seen our cookie notice, we assume that you consent to use of the cookies outlined above.  

 

Version 2.1