PRIVACY STATEMENT 

This is the privacy statement of Body & Fit Sportsnutrition B.V. (hereinafter "we" or "us"). In it, we explain what we do with your personal data and why. If a term is not described in this statement, it has the meaning as described by the GDPR (General Data Protection Regulation EU 2016/679). Please take the time to read this statement completely so that you are fully informed. If you have any questions about this statement, you can contact us using the details below. We respect your privacy and are committed to protecting your personal data. In this privacy statement, we explain what we do with your personal data when you visit our website (wherever you are from), what your privacy rights are and how the law protects you.   

WHAT PERSONAL DATA DO WE PROCESS AND WHAT DO WE USE IT FOR?  

Personal data means any information about a person from which you can deduce who they are. For each activity, the personal data we process, the purpose for which we use that personal data and the processing grounds we use are described below. We only use your personal data for things permitted by law. As a rule, we will use your personal data to fulfil the contract we wish to conclude or have already concluded with you, or if it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights are not jeopardised by these interests.  

FROM WHOM DO WE PROCESS PERSONAL DATA AND HOW DO WE GET THIS DATA?  

We process the personal data of customers who have (had) direct or indirect contact with us. We receive the personal data directly from you when you visit our website, create an account and fill in certain data or when you contact our customer service. In some cases, we receive your data from others. For example, when someone places an order and sends it directly to you as a gift; in that case, we receive your name and address details. We may also receive personal data from other parties but only if you have given those parties permission to provide certain data to us.   

WHAT DATA DO WE RECEIVE FROM YOU AND HOW LONG IS IT STORED? 

WHEN YOU ORDER FROM US  

With every order you place with us we process the following personal data:  

  • Salutation  
  • First name and surname  
  • Delivery address (street, house number, postal code and city)  
  • Billing address (street, house number, postal code and city)  
  • Telephone number  
  • [Optional] Date of birth  
  • E-mail address  
  • IP address (retention period 30 days)  

We process this personal data to process your orders and to answer any questions about your order. The processing grounds we use are to execute the agreement we have concluded with you and to fulfil our legal obligations. We are required by law to keep records of your orders (such as invoices and other accounting documents) for 7 years.   

WHEN YOU CREATE AN ACCOUNT  

To make ordering easier, you can also choose to create an account on our website. When you create an account, we process the following personal data:  

  • Salutation  
  • First name and surname  
  • Addresses entered in the address book  
  • Orders you place  
  • Reviews that you place  
  • Phone number  
  • E-mail address  

We process this personal data to process your orders and answer any questions you may have about them. We use your orders and reviews to understand your preferences for our products. You can choose to save your credit card details when placing an order. This way you can immediately use the same credit card for your next order without having to enter all the details again. You can view and maintain the saved credit card details in your account. The grounds we use to process your personal data are to execute the agreement we have concluded with you and to fulfil our legal obligations. We use your orders and reviews based on the legitimate interest to simplify transactions and gain insight into our customers' product preferences. This allows us to adjust the composition of the product range according to our customers' preferences. After deleting your account, we only keep your data if we are legally obliged to do so. If this is not the case, your account data will be deleted immediately (with the exception of order data, such as invoices, which we must keep for 7 years).

WHEN YOU CONTACT OUR CUSTOMER SERVICE 

We have a customer service team to answer questions and solve problems. You can call, email or chat with us or send a message via social media, such as Facebook and Instagram.  We can help you more efficiently by holding your data. In doing so, we process the following personal data:  

  • First and last name  
  • Email address (if you email us)  
  • Telephone number (if you call us)  
  • Customer contact notes  
  • IP address (if you chat with us)  

A telephone conversation may be recorded for training and analysis purposes. At the beginning of the conversation, you will be informed that the conversation may be recorded, the purposes of such recordings and the intended recipient. You have the right to object to this. You also have the right to request access to such a recording. We have a legitimate interest in using these interactions to improve our services. We keep the telephone conversation for 3 months. Did you ask a question via social media? Then we store the data we receive with the data we already have on you. We do this so we can respond to your question or comment in the best possible way and provide you with a more personalised service in the future. Questions you submit to our customer service channels will be kept for a period of six months.  

WHEN YOU GIVE A REVIEW OF OUR PRODUCTS  

We like to collect reviews about our products in order to improve them and better help our customers. When you leave a review with us, the review is assessed against criteria of food laws and regulations and you agree that we may contact you as a result of your review. In doing so, we process the following personal data:  

  • Email address  
  • Name (this may also be a so-called nickname)  
  • Review  

WHEN YOU GIVE A REVIEW OF YOUR EXPERIENCE ON THE WEBSITE  

We like to collect reviews about our services. We use a third party, Trusted Shops, for this purpose. Trusted Shops offers not only the possibility to give a review but also free buyer protection. When completing the order process, we ask you explicitly to consent to the use of Trusted Shops. If you give your consent, the following data will be exchanged with Trusted Shops, after which the review process will be started and you will benefit from Buyer Protection:  

  • Order date  
  • Order number  
  • Purchase amount  
  • Payment method  
  • Customer number  
  • Email address  
  • Webshop name  
  • IP address  

If you have a Trusted Shops account or have previously given your consent to Trusted Shops services at another shop, this consent will not be requested again at our shop. More information about Trusted Shops can be found here. 

ANALYSIS  

If you visit and browse our website, we process the following information in the form of cookies or similar techniques (see our cookie statement):  

  • Your approximate location based on part of your IP address  
  • What you do on our website, e.g., what you click on  
  • Your type of internet browser and the type of device you use to visit our website  

We process this data based on our legitimate interest to improve the website and to understand our customers' product preferences. We will only keep your visitor data for as long as we are required to do so and for a maximum of 26 months. After that, we will ask for your consent again, otherwise the data will be permanently deleted.

MARKETING  

We engage in various forms of marketing. E-mail, SMS, social media and/or other media are used. Advertising banners we deploy on our own and third party websites also fall under the channels we use for marketing. We try to make the marketing communication as relevant to you as possible. To do this, we need (personal) data that helps us understand what your interests are and what you are looking for. We analyse your behaviour based on our marketing communications. We also analyse the response and effectiveness of our campaigns based on your reaction and behaviour towards them.  

WHEN WE SEND YOU OUR NEWSLETTER  

With our newsletter, we like to make you aware of new developments and offers. You can subscribe to the newsletter via our website. We will only send you newsletters if you have given your express consent or made a purchase from us. We store your consent to receive newsletters so that we can establish our legal basis for sending newsletters. When you unsubscribe from the newsletter, we immediately remove your e-mail address from our mailing list. When you use our newsletter, we process the following information:  

  • Email address  
  • Whether you open the newsletter  
  • What you click on in the newsletter  

We use your e-mail address to send the newsletter to you. You can unsubscribe from the newsletter at any time by clicking the unsubscribe link in the newsletter or, if you have created an account, by withdrawing your consent in your account. We use your click behaviour to determine which parts of the newsletter you are interested in. We use this information to compile the newsletter. We process your click behaviour based on our legitimate interest to understand our customers' preferences.    

WHEN WE SEND YOU AN SMS  

We would like to inform you by SMS about new developments and offers on our website. We will then process the following data from you:  

  • Telephone number - this is only used for sending the SMS message  
  • What you click on in the SMS message - this information is used for analysis purposes in order to determine which parts of the message our customers are interested in.  

You can unsubscribe at any time by following the unsubscribe instructions in the SMS.   

WHEN WE SHOW ONLINE ADVERTISEMENTS TO YOU 

We advertise our products on third-party websites and social media channels. Advertising networks and media agencies are used for this purpose. When we do so, we may process the following data: 

  • Your historical purchases  
  • Your click behaviour on the site and online ads from us  
  • IP address or ad ID  
  • Telephone number  
  • E-mail address  
  • Name  

When you click on an online advertisement for our products (for example on Google or Facebook), the social media channel concerned records that you clicked on a Body&Fit advertisement and on which channel the advertisement in question was shown. Your click behaviour, IP address, e-mail address, name and orders on the Body&Fit website are only passed on to an advertising channel if you have given permission for the cookies associated with the relevant processing. You can revoke permission for these advertising cookies at any time via the cookie declaration. If you create an account or make a purchase, we may (using your e-mail address, telephone number or name) include you among those whom we advertise to via a social media channel. This is in order to show an advertisement to you, to show an advertisement to other users of the channel with a similar interest or, conversely, to ensure that the advertisement is not shown. Your data is always 'hashed' in this process, which means it is not readable but can be used for automated processing.  

WHEN WE DO AN NPS AND CUSTOMER SATISFACTION SURVEY  

We conduct customer satisfaction surveys among customers who order from us. For this purpose, we cooperate with marketing partners with whom we have a processing agreement. We process at least the following personal data:  

  • E-mail address  
  • Name  

We process this data based on our legitimate interest to gain insight into our customers' preferences regarding products or the user-friendliness of the web shop. Participation in and customer satisfaction survey is of course not obligatory. The partner we work with for NPS (Net Promoter Score) research is CloseAlert. The partner we work with for customer satisfaction research is InSites Consulting. Personal data will be deleted 1 day after completion of the survey.   

WHEN WE SHOW A CAMPAIGN TO YOU ON OUR WEBSITE  

On our website, we may highlight a campaign through banners and pop-ups. Some of the campaigns give you the opportunity to subscribe to our newsletter. In doing so, we then process the following data:  

  • E-mail address  
  • First name and surname  
  • [Optional] Salutation  
  • [Optional] Date of birth  
  • [Optional] Interests  
  • IP address  

We process your data only if you have given your consent. We include your data in our database for sending e-mail newsletters. For showing a campaign and measuring its effectiveness, we use Sleeknote's services. Sleeknote keeps your data for a maximum of three months.  

AUTOMATED DECISION FORMING AND PROFILING  

By analysing your behaviour on the site, we are able to tailor the website to your personal preferences. This also involves profiling. Profiling is any form of automated data processing in which we analyse certain personal aspects of you to predict, among other things, your personal preferences and interests. We only use your click behaviour (products viewed), purchase history and possibly account data to create generic customer patterns. We do not create a separate user profile of you. However, some parts of the website (such as recommended products) and the content of the newsletter are tailored to your personal preferences through the use of generic customer patterns.   

WHEN YOU PLACE AN ORDER VIA ANY OF OUR INFLUENCERS  

For our influencer programme, we partner with Brandbassador. When using a code obtained through one of our influencers affiliated with Brandbassador, we share the following information with Brandbassador:  

  • Order number  
  • Coupon number  
  • Order value  

This information is used by Brandbassador for reporting purposes. No further personal data is shared with Brandbassador for customers who place an order through an influencer.   

SHARING PERSONAL DATA WITH THIRD PARTIES  

Body&Fit will not sell your personal data to third parties and will make it available to third parties involved in processing your order. For example, Royal Mail for the delivery of parcels in the United Kingdom. We may also share your details with partners who help us with:  

  • supporting our customer service;  
  • supporting our advertising and marketing campaigns;  
  • supporting us in conducting customer research and obtaining ratings and reviews;  
  • providing financial services, such as payment services, debt collection agencies and credit reference agencies.  

We process this data and share your data with third parties for the performance of the agreement and based on our legitimate interest. Our employees and third parties engaged by us are obliged to respect the confidentiality of your data. We do not allow third parties to use your personal data for their own purposes; we only allow third parties to process your data for specific purposes and in accordance with our instructions. We have laid down these arrangements with all our third parties in processor agreements. Sometimes we have to transfer personal data to the government because we are required to do so by law. This may occur first if certain government institutions need this data to perform their duties, such as the tax authorities. The police or judiciary may also need certain data in case of fraud or abuse. Finally, certain regulators may access personal data in the context of an investigation.   

CONSIDER, ADJUST OR DELETE DATA  

You have the right to access, correct or delete your personal data. In addition, you have the right to withdraw any consent to data processing or object to the processing of your personal data. You also have the right to transfer your data. This means you can submit a request to us to send the personal data we have on you in a computer file to you or to an organisation named by you.  

You can send a request to inspect, correct, delete or transfer your personal data, or a request to withdraw your consent to or object to the processing of your personal data, to privacy@bodyandfit.com. After establishing your identity, we will inform you within four weeks of receiving your request which of your personal data we are processing or, if applicable, remove, block or correct it. If you have created an account, you can view and change your data at any time via the ‘my account’ page.   

HOW IS YOUR DATA SECURED?  

We take many measures to secure your personal data, both organisationally and technically. We have a group of in-house specialists who work daily to secure our systems and search for vulnerabilities. Through strict access control, we ensure that your personal data is only accessible to employees who need to work with it. In addition, we regularly have our security tested by external experts. If we give your data to someone else, then we require that this other party handles your data as carefully as we do; a processing agreement is always concluded with the party in question.   

COMPLAINT PROCEDURES  

If you have a complaint about compliance with this privacy statement or a violation of your rights under the law, please contact privacy@bodyandfit.com. You also have the option to file a complaint with the Information Commissioner’s Office. For the contact details of the Information Commissioner’s Office, please refer to their website: Information Commissioner's Office (ICO

CONTACT DATA  

Controller's name: Body & Fit Sportsnutrition B.V. We use the following trade names: optimumnutrition.com

Branch address:  

Mars 10  

8448CP Heerenveen  

E-mail address: privacy@bodyandfit.com  

  

The privacy statement was last updated on 22 December 2022