Privacy Policy
1. Data Controller
Muscleenergyglow.world
UNIT 4, 162-165 High Street Deritend, Deritend, Birmingham B12 0LD, United Kingdom
Company Registration No. 14162165 (England & Wales)
VAT Registration No. GB 212 854 421
Email: feedback@muscleenergyglow.world
Phone: +44 121 285 4421
2. Scope and Legal Framework
This Privacy Policy applies to personal data processed when you visit muscleenergyglow.world, submit our contact form, register for events by email, or interact with cookie settings. We comply with:
- UK General Data Protection Regulation (UK GDPR), as retained in UK law;
- Data Protection Act 2018 (DPA 2018);
- Privacy and Electronic Communications Regulations 2003 (PECR), where relevant to electronic marketing and cookies (see our Cookie Policy).
We are the data controller for processing described here. We have assessed that a Data Protection Officer is not mandatory for our activities; privacy queries may be sent to the contact details in section 1.
3. Personal Data We Collect
We may collect the following categories of personal data:
- Identity & contact: name, email address, telephone number (if you provide it), and message content submitted via the contact form.
- Technical & usage: IP address, browser type and version, device identifiers, operating system, time zone, pages viewed, session duration, and referral URLs (where analytics cookies are accepted).
- Consent records: your cookie choices (necessary, analytics, marketing) and timestamp, stored in your browser local storage and/or our logs.
- Event registration: name, email, and any information you voluntarily include when booking workshops or sessions.
- Correspondence: records of emails or calls where you contact us.
We do not intentionally collect special category data (e.g. health information) via the website. Please avoid sending sensitive personal data in contact messages unless necessary; if you do, you consent to our processing solely to respond to your enquiry.
4. How We Obtain Data
- Directly from you (forms, email, phone, in-person event registration).
- Automatically through cookies and similar technologies (with consent where required).
- From service providers acting on our instructions (e.g. hosting logs).
5. Purposes, Legal Bases, and Retention
We process personal data only where a lawful basis applies under Article 6 UK GDPR:
| Purpose | Data used | Legal basis | Retention |
|---|---|---|---|
| Respond to contact enquiries | Name, email, message | Legitimate interests (Art. 6(1)(f)) — answering requests; Steps at your request prior to a contract (Art. 6(1)(b)) where relevant | Up to 24 months after last contact, unless longer retention is required |
| Event registration & administration | Name, email, booking details | Contract (Art. 6(1)(b)) or Legitimate interests (Art. 6(1)(f)) | Duration of event relationship + 24 months |
| Website operation & security | Technical logs, necessary cookies | Legitimate interests (Art. 6(1)(f)) — security and service delivery | Server logs: typically up to 90 days |
| Analytics (optional) | Usage statistics, pseudonymous IDs | Consent (Art. 6(1)(a)) | Per tool settings, up to 14 months |
| Marketing cookies / communications (optional) | Identifiers, campaign data, email | Consent (Art. 6(1)(a)) and PECR consent for electronic marketing | Until consent withdrawn + 12 months records of consent |
| Legal & tax compliance | Relevant account and transaction data | Legal obligation (Art. 6(1)(c)) | As required by UK law (often 6 years for tax-related records) |
6. Automated Decision-Making and Profiling
We do not use solely automated decision-making, including profiling, that produces legal or similarly significant effects concerning you. Analytics tools may generate aggregated statistics that do not identify you personally unless you have consented to identifiable analytics.
7. Recipients and Processors
We do not sell or rent your personal data. We may share data with:
- Service providers (processors): website hosting, email delivery, IT support, and analytics or advertising partners (only where you have consented to optional cookies). Processors act under written contracts requiring UK GDPR-compliant processing and confidentiality.
- Professional advisers: lawyers, accountants, or insurers where necessary and proportionate.
- Authorities: regulators, courts, or law enforcement when required by law.
A list of key processor categories is available on request by emailing us.
8. International Data Transfers
Your data is primarily processed within the United Kingdom. If a processor transfers personal data outside the UK (including to the EEA or United States), we ensure appropriate safeguards under UK GDPR Chapter V, such as:
- UK adequacy regulations (where the destination is approved);
- UK International Data Transfer Agreement (IDTA) and addendum where applicable;
- Binding Corporate Rules or other approved mechanisms.
You may request information about safeguards by contacting us.
9. Security
We implement appropriate technical and organisational measures, including TLS encryption (HTTPS), access controls, principle of least privilege, processor due diligence, and procedures for handling suspected breaches. In line with UK GDPR Articles 33–34, we will notify the ICO of a personal data breach within 72 hours where required and inform you without undue delay when the breach is likely to result in a high risk to your rights and freedoms.
10. Your Rights Under UK GDPR
Subject to conditions and exemptions in the DPA 2018, you have the right to:
- Access — receive confirmation whether we process your data and obtain a copy (Art. 15);
- Rectification — correct inaccurate data (Art. 16);
- Erasure — request deletion in certain circumstances (Art. 17);
- Restrict processing — limit how we use your data (Art. 18);
- Data portability — receive data you provided in a structured, machine-readable format where processing is based on consent or contract and carried out by automated means (Art. 20);
- Object — object to processing based on legitimate interests or for direct marketing, including profiling related to direct marketing (Art. 21);
- Withdraw consent — at any time where processing is based on consent, without affecting lawfulness before withdrawal;
- Complaint — lodge a complaint with the supervisory authority.
How to exercise your rights: email feedback@muscleenergyglow.world with the subject line “Data Subject Request”. We may need to verify your identity. We respond within one calendar month, which may be extended by a further two months for complex requests; we will explain any extension within the first month.
We do not charge a fee unless a request is manifestly unfounded or excessive, in which case we may charge a reasonable administrative fee or refuse the request as permitted by law.
11. Supervisory Authority (ICO)
If you are unhappy with our response, you may complain to the Information Commissioner’s Office (ICO):
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, United Kingdom.
Website: ico.org.uk/make-a-complaint · Helpline: 0303 123 1113
12. Electronic Marketing (PECR)
We send marketing emails only where you have given clear consent, or where the soft opt-in applies (existing customers, similar products/services, opt-out opportunity at collection and in each message). Every marketing email includes an unsubscribe link or instructions. To opt out, use the link provided or email us with “Unsubscribe”.
13. Children
Our website is directed at adults. We do not knowingly collect personal data from children under 13 without verified parental consent. If you believe a child has provided data to us, contact us and we will delete it promptly where required.
14. Providing Data and Consequences
Contact form fields marked as required must be completed to send a message. Without this information we cannot respond. Optional analytics and marketing cookies are not required to browse the site; refusing them may limit personalisation features only.
15. Changes to This Policy
We may update this Privacy Policy to reflect legal or operational changes. The “Last updated” date at the top will change. Material changes may be communicated via a notice on the website. We encourage you to review this page periodically.
16. Online Advertising and Measurement
If you accept marketing or analytics cookies, we may use measurement technologies (for example, Google Ads or Google Analytics tags) to understand how visitors arrive from advertisements and how pages are used. These tools may process pseudonymous identifiers, browser data, and page URLs. We enable such tags only after consent, in line with PECR. You can withdraw consent at any time via Manage cookie preferences on the website footer. For details, see our Cookie Policy.
17. Related Policies
Please also read our Cookie Policy, Terms of Use, and About Us page for business transparency required under UK consumer and advertising standards.