This Privacy Notice sets out the details of how Naked Recovery Global Limited (“we”, “us”, “our”, company number 06954594) as data controller, collects and processes your personal data through our website located at www.nakedrecovery.com (“the Website”). For the purposes of this Notice, personal data means any information that can be used to identify an individual whether directly or indirectly.
Please read through the content of this Privacy Notice carefully and ensure that you understand it. If you do not understand the content of this Privacy Notice or do not accept or agree with it then you must stop using the Website immediately. By accessing the Website and providing us with your personal data you are warranting that you are over 13 years of age.
If you have any questions about this Privacy Notice or require more information concerning our privacy practices please contact us.
What personal data do we process, why do we process it, and how do we collect it
We may process personal data that you provide to us by subscribing to our email list, requesting information through our contact forms, completing questionnaires, or by any other communication via email, text, FB Messenger, or through our Website or other online platforms and social media channels.
We may also process data received from third parties such as Google, Facebook, Pinterest, Instagram, Youtube or other analytic, search, advertising, or online information providers based outside of the EU or Paypal, Stripe or other payment processing providers based outside of the EU.
When we process your personal data we will comply with the relevant data protection laws and principles such as the General Data Protection Regulation (EU Regulation 2016/679) (“GDPR”), which means that your data will be used lawfully, fairly and in a transparent way, kept securely and only for as long as necessary for the purposes we have told you about.
We shall only collect and process your personal data for purposes that are clearly outlined prior to you providing us with your data, or for a legitimate reason.
Whenever we process your personal data we do so on the basis of a lawful condition, this will either be because you have given your consent for us to process your data, where we are under a contractual or legal obligation, or where it is in our legitimate interests to do so.
We do not carry out automated decision making or any type of automated profiling.
The types of personal data which we process will vary depending on your own specific circumstances but typically can include:
- Personal Information: which may include your name, date of birth, email address, phone number, business contact details, correspondence address, IP address. We shall process this data for the purposes of communicating with you and keeping our records on the lawful grounds of legitimate interest;
- Customer or Client Information: should you purchase goods and/or services from us then we may process information in connection with your purchase, and the supply of that purchase, as well as keeping appropriate records. Such information may include your Personal Information, billing address, delivery address, credit card or other payment details and we shall process it on contractual grounds;
- User Information: this may include comments or statements that you may make or post via our Website, online platforms or social media channels, images, documents or videos that you share on or through our Website or through any of our pages or other online platforms, and information concerning your use of our Website or other online platforms such as your browser information, pixel ID, page views, pages visited, number of visits and where appropriate log-in details. We shall process this information to analyse and monitor usage and content of our Website and other platforms and channels to ensure the content is relevant to you, to support our administration and record keeping requirements, and to maintain security of our systems on legitimate interest grounds;
- Promotional Information: this may include information you provide in connection with any promotions, marketing or advertising from us or our third parties. We shall use this information to provide relevant offers and advertisements, competitions and promotions and other free resources and to monitor our promotional activity, keep records and compile analytics on legitimate interest grounds.
We may also process your personal data to deliver or send relevant advertisements to you through our Website and other online platforms and to analyse the success and effectiveness of such adverts for our legitimate interest purposes of promoting and growing our business.
In accordance with the Privacy and Electronic Communications Regulations (PECR) we may also send you relevant advertisements or marketing information if you:
- have ever purchased or enquired about our products or services; and
- at the time of your purchase or enquiry you agreed to receive advertising or marketing information from us and you have not opted out from receiving that information.
Where we contact you through email, we shall ensure that our emails clearly display the location of the sender and include clear options for you to opt-out from receiving contact from us in accordance with the CAN-SPAM act.
What information does Naked Recovery collect from our users and how do we collect it?
- Newsletters: Generally, this information includes name and e-mail address for registration to receive our free newsletters and name, in some cases postal address. All of this information is provided to us by you. This information is used for internal marketing purposes only. Naked Recovery does not sell, exchange, or release your personal information (name, e-mail address, mailing address, credit data, etc.) Your information is not shared with any other third party or company outside of billing and shipping purposes. Naked Recovery only contacts individuals who specifically request that we do so or in the event that they have:
- Signed up to receive our free newsletters or
- purchased one of our products or services or
- requested results of an online Test or Report
- Contact us page: In some cases you have contacted us through the Naked Recovery Contact us page. All of this information is provided to us by you. This information is used purely to respond to your enquiry, question or feedback. We do not add you to our database and once the request has been completed by our team, the information is archived in our email system.
- Online programs: In this instance, Naked Recovery is storing your information online for you on a secured server. Generally, this information includes name and e-mail address as well as any details you have completed within your 21-day program. All of this information is provided to us by you and is stored online for you to access/print or review your information. This information is used by our therapist team to periodically review that you are being taken care of, on track and to reach out to see if there is anything you require. Naked Recovery does not sell, exchange, or release your personal information (name, e-mail address, mailing address, credit data, etc.) Your information is not shared with any other third party or company outside of billing and shipping purposes unless we have concern for your safety. Once your program is completed and you have printed it, you are very welcome to contact our team to request total deletion of the contents of your program. Your program will then be removed in its entirety. To contact us, please use the contact us form on our website or call one of our offices. Please give us 24 hours to action your request.
- Comments: When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
- Media: If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
- Billing information: Naked Recovery does not hold or store your credit card or billing information on our website.
- Emergency contact information: Naked Recovery reserves the right to request emergency contact information and to contact the person(s) we have on file if we have concern for your safety.
If you receive emails from us, it’s because you signed up to something somewhere. If you no longer wish to receive anything, just hit the Unsubscribe button.
We do not collect any sensitive data about you. Sensitive data includes data relating to your health, race or ethnicity, political opinion, religious or philosophical beliefs, trade union membership, genetics, biometrics, sex life or sexual orientation. We do not process any data relating to criminal offences and convictions.
How do we use this information?
All your information is either used for internal marketing purposes as stated above OR to check on your progress through one of our online programs. As stated above if you wish for your information to be removed from any online programs you are signed up to, then please submit this request. Once deleted, there is no way for us to retrieve this information. Naked Recovery does not sell, exchange, or release your personal information (name, e-mail address, mailing address, credit data, course data, personal information etc.) Your information is not shared with any other third party or company outside of billing and shipping purposes.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
How do we store your information?
- Newsletters: Your information is stored at the ActiveCampaign list server that delivers Naked Recovery newsletters. Your information can only be accessed by those who help manage those lists in order to deliver e-mail to those who would like to receive Naked Recovery’s newsletters. All of the newsletters that are sent to you by Naked Recovery include an unsubscribe link in them. You can remove yourself at any time from our newsletters by clicking on the unsubscribe link. You can also contact us using the Contact us menu to change your information at any time.
- Online Program: All your course information is stored on the Naked Recovery secured private VPS server. You can access the information using your computer or mobile phone to update your course details at any time. The information is also available to print day by day or all in one go. All of this information is provided to us by you and is used by our therapist team to periodically review that you are being taken care of, on track and to reach out to see if there is anything you require. Naked Recovery does not sell, exchange, or release your personal information (name, e-mail address, mailing address, credit data, etc.) Your information is not shared with any other third party or company outside of billing and shipping purposes unless we have a concern for your personal safety or the safety of anyone else. Once your program is completed and you have printed it, you are very welcome to contact our team to request total deletion of the contents of your program. Your program will then be removed in its entirety. To contact us, please use the contact us form on our website or call one of our offices. Please give us 24 hours to action your request.
Disclosure of personal data
We may use any of the following external service providers to support our business and may share your personal data with those third parties:
We understand that all of these third parties have appropriate technical and security processes in place to protect your data.
We may also share your personal data as follows:
- where it is necessary for external service providers who have been engaged by us to assist in the provision of services to our clients and customers;
- where it is required by our professional support teams;
- where we are required by a government body or legal obligation or to protect our rights;
- where it is required in connection with the sale or purchase of any business or assets;
- with any other member or company of our group.
Where we have outsourced a function or activity to an external service provider, we will only disclose personal data that the service provider needs to undertake that function or activity, and we require external service providers to agree to keep your personal data secure in accordance with the relevant law.
We agree not to share your personal data with any third party for that third party’s marketing purposes unless we have obtained your consent to do so.
Transfer of personal data
Our Website is located within the United States and we comply with the Internet laws applicable to the United Kingdom which includes the GDPR. Your data will be processed within the United States and the United Kingdom.
We may also transfer your data to a third-party service provider which requires your data to be transferred outside of the EEA. Where your data is transferred outside of the EEA by our third-party service providers, we understand that they comply with the following standards relating to the security of your personal data:
- ActiveCampaign use the EU Model Contract which governs the lawful transfer of data from the EEA to countries outside of the EEA. In respect of any payment or financial information, Xero complies with the Payment Card Industry Data Security Standards;
- Facebook complies with the General Data Protection Regulation and is certified under the Privacy shield for data transfers;
- Google complies with the General Data Protection Regulation and is certified under the privacy shield for data transfers. Google also complies with the Payment Card Industry Data Security Standards;
- Paypal relies on Binding Corporate Rules approved by competent Supervisory authorities;
- Stripe is certified under the EU-US Privacy Shield as well as EU Standard Contractual Clauses and Binding Corporate Rules.
- Zoom is certified under the EU-U.S. Privacy Shield Framework and the Swiss-U.S Privacy Shield;
- Whatsapp is certified under the EU-U.S. Privacy Shield Framework and the Swiss-U.S Privacy Shield;
- Moodle is self-certified under the Privacy Shield Framework;
Where we transfer data to parties not listed above that are outside of the EEA then we will ensure that at least one of the following conditions is met:
- You have given your express consent;
- The country has an approved adequate level of protection for personal data;
- It is legally required;
- It is authorised by the relevant data protection authority.
We take the protection of your personal data seriously and have taken suitable and reasonable steps to protect the personal data we hold from misuse, loss, unauthorised access, and any modification or disclosure.
We limit access to your personal data to those employees, agents, contractor or third parties who have a business need to know. They will only process your data on our instructions and must keep it confidential.
If you are submitting personal data over the internet that you wish to remain private, please note that while attempts are made to secure information transmitted to this site, there are inherent risks in transmitting information across the internet. If you prefer, you can contact us by alternative means using phone or mail.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
We will retain your information online in our online programs for your use. We will not delete this information unless you tell us to.
We will not keep your personal data for longer than is required with regard to the purpose for which it was collected by us or provided by you including any legal or record keeping requirements and will take reasonable steps to destroy or permanently de-identify your personal data when it is no longer required.
Your rights in relation to the data we hold
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
You have rights in relation to your personal data these include the right to access and receive a copy of your personal data, to ask us to correct any errors, to erase your personal data, to restrict or object to how your information is processed. You can find out more about your rights by visiting https://ico.org.uk/your-data-matters/.
To ensure the information we hold about you remains accurate please contact us using the email address above if at any time your personal details change.
Where you have provided your consent for us to process your personal data you can withdraw that consent at any time. Should you wish to do so please contact us at the above email address.
If you are not happy with how we process your personal data you have the right to lodge a complaint with the Information Commissioners Office (ICO), the UK supervisory authority for data protection issues.
Links to other sites
The Website may contain links to other sites. We are not responsible for the privacy practices of those web sites and have no knowledge of whether cookies or other tracking devices are used on any such linked sites. If you have any concerns regarding the privacy of your information you should ensure you are aware of the privacy policies of those sites before disclosing any personal information.
Changes to this Privacy Notice
We reserve the right to alter or amend it without notice. Should the Privacy Notice be altered, the new policy will be posted on the Website.
Your first use of our Website after the date of any amendments or alterations will constitute your acceptance of such changes therefore, we recommend you review this Privacy Notice regularly to keep informed of any changes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
How we protect your data
It’s encrypted behind a firewall on our server.
5 Cardinals Close
Bexhill on Sea