Health Solutions

Privacy Policy

We are pleased that you are visiting our website www.improvedimmunesystem.com and thank you for your interest in Improved Immune System. 

In the following, we inform you about the handling of your personal data when using our website. In this context, personal data is processed in accordance with the UK`s Data Protection Act 2018 (DPA) and the General Data Protection Regulation (GDPR).

 In the following, we inform you about the collection and processing of personal data during the general use of our services (irrespective of the actual use of our services) as well as during the use of our services and, if applicable, beyond that. In this privacy policy, you will also find some general information - for example, on your data subject rights or general additions to previously listed processing, such as the storage period.

 General Information

 The controller 

The person responsible for data processing on this website is Improved Immune System of 65 Claremont Road, Staines, TW18 3AS, UK, e-mail: improvedimmunesystem@gmail.com. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

 Obligation to provide personal data

You are not obliged to provide us with personal data. However, depending on the individual case, the provision of certain personal data may be necessary for the provision of the above services. If you do not provide us with this personal data, we may not be able to provide the service.

 Automated individual decision-making including profiling

We do not make automated decisions in individual cases, including profiling.

 Do Not Track

Do Not Track is a privacy preference you can set in most browsers. We support Do Not Track because we believe that you should have genuine control over how your info gets used and our site responds to Do Not Track requests.

 
Do Not Sell My Personal Information 

We do not sell information that directly identifies you, like your name, address or phone records. 

Accuracy

It is important that the data we hold about you is accurate and current, therefore please keep us informed of any changes to your personal data.

Children Data

Our website is not intended for children and we do not knowingly collect data relating to children. If you become aware that your Child has provided us with Personal Data, without parental consent, please contact us and we take the necessary steps to remove that information from our server.

Principles, Rights of users and data subjects and the legal basis of processing

Your Rights

With regard to the data processing described in more detail below, users and data subjects have the right to

• to confirmation as to whether data relating to them is being processed,
• to information about the data processed, to further information about the data processing and to copies of the data;
• to correction or completion of incorrect or incomplete data;
• to immediate erasure of the data concerning them;
• to receive the data concerning them and provided by them and to transfer this data to other providers/controllers;
• to lodge a complaint with the supervisory authority if they are of the opinion that the data concerning them is being processed by the provider in breach of data protection provisions.

 In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider of any correction or deletion of data or restriction of processing that takes place. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Notwithstanding this, the user has a right to information about these recipients.

Likewise,users and data subjects have the right to object to the future processing of data concerning them, insofar as the data is processed by the provider. In particular, an objection to data processing for the purpose of direct advertising is permissible.

The above rights may be limited in some circumstances, for example, if fulfilling your request would reveal personal information about another person, if you ask us to delete information which we are required to have by law, or if we have compelling legitimate interests to keep it. We will let you know if that is the case and will then only use your information for these purposes. You may also be unable to continue using our services if you want us to stop processing your personal information.

California Specific Rights

If you are a California resident, you have the following rights:

You have the right to:

• request, up to two times each year, access to categories and specific pieces of personal information about you that we collect, use, disclose, and sell.
• request that we delete personal information that we collect from you, subject to applicable legal exceptions.
• “opt out” of the “sale” of your “personal information” to “third parties”

 In addition under California’s “Shine the Light” law, California residents who provide personal information (as defined in the statute) to obtain services are entitled to request and obtain from us, once per calendar year, information about the personal information we shared, if any, with other businesses for marketing uses. If applicable, this information would include the categories of personal information and the names and addresses of those businesses with which we shared such personal information for the immediate prior calendar year (e.g., requests made in the current year will receive information about the prior year).

 We encourage you to get in touch if you have any concerns with how we collect or use your personal information.

The legal basis of processing

The following informs you about the legal basis of us processing your data and unless the legal basis is not specifically mentioned, the following applies: 

Consent – This is where we have asked you to provide explicit permission to process your data for a particular purpose.

Contract – This is where we process your information to fulfil a contractual arrangement we have made with you.

Answering your business enquiries – This is where we process your information to reply to your messages, e-mails, posts, calls, etc.

Legitimate Interests - This is where we rely on our interests as a reason for processing, generally this is to provide you with the best products and service in the most secure and appropriate way. Of course, before relying on any of those legitimate interests we balance them against your interests and make sure they are compelling enough and will not cause any unwarranted harm.

Legal Obligation – This is where we have a statutory or other legal obligation to process the information, such as for the investigation of crime. 

Data collection

Data collection when visiting our website

When you use our website for information purposes only, i.e. if you do not register or otherwise transmit information to us, we only collect the data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

• Our visited website
• Date and time at the time of access
• Amount of data sent in bytes
• Source/reference from which you reached the page
• Browser used
• Operating system used
• IP address used (if applicable: in anonymised form)

The processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of unlawful use.

Cookies

In order to make visiting our website more attractive and to enable the use of certain functions, we use so-called cookies on various pages. You can learn more about cookies and there general application on the All About Cookies Website and more about our use of cookies in our Cookie Policy.

Contacting us

When contacting us, personal data is collected. Which data is collected when using a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for processing this data is our legitimate interest in responding to your request. If your contact is aimed at concluding a contract, the additional legal basis for processing is the provision of a contractual measure. Your data will be deleted after your request has been processed. This is the case if it can be inferred from the circumstances that the matter concerned has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

Data processing when opening a customer account and for contract processing

Personal data will continue to be collected and processed if you provide it to us for the performance of a contract or when opening a customer account. Which data is collected can be seen from the respective input forms. Deletion of your customer account is possible at any time and can be done by sending a message to the above address of the person responsible. We store and use the data provided by you for the purpose of processing the contract. After complete processing of the contract or deletion of your customer account, your data will be blocked with regard to tax and commercial law retention periods and deleted after expiry of these periods, unless you have expressly consented to further use of your data or a legally permitted further use of data has been reserved on our part.

Use of customer data for direct advertising

If you have provided us with your e-mail address when purchasing goods or services, we reserve the right to regularly send you e-mail offers for similar goods or services to those you have already purchased from our range. In this respect, the data processing is carried out solely on the basis of our legitimate interest in personalised direct advertising. If you have initially objected to the use of your e-mail address for this purpose, we will not send you any e-mails. You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by notifying the responsible person named at the beginning. This will only incur transmission costs for you according to the basic rates. After receipt of your objection, the use of your e-mail address for advertising purposes will cease immediately.

Data processing for order handling

In order to process your order, we work together with the following service provider(s), who support us in whole or in part in the execution of concluded contracts. Certain personal data will be transmitted to these service providers in accordance with the following information.

The personal data collected by us will be passed on to the transport company commissioned with the delivery as part of the contract processing, insofar as this is necessary for the delivery of the goods. We pass on your payment data to the commissioned credit institution within the framework of payment processing, insofar as this is necessary for payment processing. If payment service providers are used, we will inform you explicitly about this below.

Direct marketing

From time to time we may use the personal information we collect from you to identify particular products offers which we believe may be of interest to you. We may contact you to let you know about these products and services and how they may benefit you.

You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission to send you marketing information, or sometimes your consent is implied from your interactions or relationship with us. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving a marketing communication based on your interactions or relationship with us.

Direct Marketing generally takes the form of e-mail but may also include other less traditional or emerging channels. These forms of contact will be managed by Improved Immune System, or by our contracted service providers. Every directly addressed marketing form sent or made by us or on our behalf should include a means by which customers may unsubscribe (or opt out) of receiving similar marketing in the future. You can ask us to remove or amend any previous consent you provided by contacting us.

Right to object

If we process your personal data in the context of a balancing of interests on the basis of our overriding legitimate interest, you have the right to object to this processing with effect for the future at any time on grounds arising from your particular situation.

If you exercise your right to object, we will stop processing the data concerned. However, we reserve the right to continue processing if we can demonstrate compelling legitimate grounds for the processing which override your interests, fundamental rights and freedoms, or if the processing is for the purpose of asserting, exercising or defending legal claims.

If we process your personal data for the purposes of direct marketing, you have the right to object at any time to the processing of your personal data for the purposes of such marketing. You may exercise the right to object as described above. If you exercise your right to object, we will stop processing the data concerned for direct marketing purposes.

Retention, Sharing and Security

Data retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, the data processed by us will be deleted or restricted in their processing. If the data is not deleted because they are required for other and legally permissible purposes, their processing is restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.

When do we disclose your Personal Data?

We may share your information with organisations that help us provide the services described in this policy and who may process such data on our behalf and in accordance with this policy, to support our online offer and our services. If you wish to learn more about how the relevant provider process your personal data, please follow the link embedded in the above mentioned providers name. 

Typically and unless otherwise stated in this policy, data may be shared on the basis of our contractual and pre-contractual obligations. Equally, if you have consented to it, or where there we have a legal obligation to do so or on the basis of our legitimate interests (e.g. when using agents, hosting providers, tax, business and legal advisors, customer care, accounting, billing and similar services that allow us to perform our contractual obligations, administrative tasks and duties efficiently and effectively). If we commission third parties to process data on the basis of a so-called "processing agreement". 

We may also disclose information in other circumstances such as when you agree to it or if the law, a Court order, a legal obligation or regulatory authority ask us to. If the purpose is the prevention of fraud or crime or if it is necessary to protect and defend our right, property or personal safety of our staff, the website and its users.

Transfers to third countries

If we process data in a third country or if this is done in the context of using third-party services or disclosing or transferring data to third parties, this is only done if it is done in order to fulfil our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. 

Online Payment, Secure data transmission and Credit card information

The transmission of your personal information during an order transaction is encrypted using industry standard Secure Socket Layer ("SSL") technology, (SSL encryption version 3). Any credit card information you provide will not be stored by us, but will be encrypted and collected directly from our payment service providers Sripe and PayPal via hypertext transfer protocol secure ("https"). 

We may share information with our payment service provider, and you may need to provide credit or debit card information directly to the provider in order to process payment details and authorise payment following a secure link. The information which you supply to in such cases is not within our control and is subject to Sripe’s and PayPal’s own Privacy Policy and Terms and Conditions.

Security measures

For security reasons and to protect the transmission of content, that you send to us, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Miscellaneous and closing

Cooperation with processors and third parties

If, in the course of our processing, we disclose data to other persons and companies (third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers, is necessary for the performance of the contract), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).If we commission third parties to process data on the basis of a so-called “processing agreement”.

Online presences in social media

We maintain online presences within social networks and platforms. in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.

Unless otherwise stated in our privacy policy, we process the data of users if they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.

Obligation to provide personal data

You are not obliged to provide us with personal data. However, depending on the individual case, the provision of certain personal data may be necessary for the provision of the above services. If you do not provide us with this personal data, we may not be able to provide the service.

Duration of storage of personal data

The duration of the storage of personal data is measured on the basis of the respective legal basis, the processing purpose and - if relevant - additionally on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).

When processing personal data on the basis of explicit consent, this data is stored until the data subject revokes his/her consent.

If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for the fulfilment or initiation of a contract and/or we do not have a legitimate interest in continuing to store it.

When processing personal data on the basis of our legitimate interest, this data is stored until the data subject exercises his or her right to object, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

When processing personal data for the purpose of direct marketing on the basis of our legitimate interest, such data shall be stored until the data subject exercises his or her right to object.

Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

Integration of third-party services and content

Within our online offer, we use content or service providers on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer, we use content or service offers from third-party providers in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content").

This always requires that the third-party providers of this content are aware of the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is therefore necessary for the display of this content. We endeavour to only use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our web site, as well as being linked to such information from other sources.

Hosting

The services for hosting and displaying the website are partly provided by our service provider as part of processing on our behalf. Unless otherwise explained in this privacy policy, all access data and all data collected in forms provided for this purpose on this website are processed on their servers. If you have any questions about our service providers and the basis of our relationship with them, please contact us.

Content Delivery Network

For the purpose of a shorter loading time, we use a so-called Content Delivery Network ("CDN") for some offers. With this service, content, e.g. large media files, are delivered via regionally distributed servers of external CDN service providers. Therefore, access data is processed on the servers of the service providers. Our service providers work for us within the framework of order processing. If you have any questions about our service providers and the basis of our cooperation with them, please contact us.

Changes 

This policy and our commitment to protecting the privacy of your personal data can result in changes to this policy. Please regularly review this policy to keep up to date with any changes.

Queries and Complaints 

Any comments or queries on this policy should be directed to us. If you believe that we have not complied with this policy or acted otherwise than in accordance with data protection law, then you should notify us.