Skip navigation
Start your journey today Find a Consultant

Privacy policy

 

Cambridge Weight Plan Limited (“We”, “Us”, “Our”, the “Company”) is committed to protecting and respecting your privacy. This Privacy Policy together with any other documents referred to herein, sets out the basis on which the personal data collected from you, or that you provide to Us, will be processed by Us in connection with your use of Our websites, www.one2onediet.comwww.cambridgeweightplan.com, shakeitup.cambridgeweightplan.com (the “Websites”), and the My 1:1 Diet App (the “App”).

It is important that you read this Privacy Policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your personal data. This Privacy Policy supplements other notices and privacy policies and is not intended to override them.

Who we are and how to contact us

If you use our Websites or our App, the controller for your personal data will be Cambridge Weight Plan Limited of Stafford House, 10 Brakey Road, Corby, Northants, NN17 5LU.

We have appointed a data protection officer (“DPO”) who is responsible for overseeing questions in relation to this Privacy Policy.

If you have any questions about this Privacy Policy or our privacy practices, please contact our DPO at the postal address above or by email on lking@cwp-uk.com.

You have the right to make a complaint directly to the Information Commissioner’s Office (“ICO”), the UK regulatory for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

Third party links

The Websites and the App may from time to time, contain links to websites of third parties (such as advertisers and affiliates). If you follow a link to any of these websites, please note that these websites are subject to their own privacy policies, and we do not accept any responsibility or liability for these policies or their use of your personal data. Please check these policies before you submit any personal data to these websites.

Personal Data

When you use the Websites or the App you may provide Us with personal data such as your name, address, date of birth, telephone numbers and email address. This includes information provided at the time of registering to use either the comments on the Websites, requesting contact from a Consultant, completing any online questionnaire, ordering a Taster Pack, registering on the App and details of your visits to our site and the resources you access. If you contact us, we may keep a record of that correspondence.

We may collect, use, store and transfer different kinds of personal data about you as follows:

  • Name
  • Address
  • Date of birth
  • Contact details, such as telephone numbers and email address
  • Billing details
  • Information, including health information, you provide in your responses to the medial questionnaire you provided to your consultant
  • Information you provide to us at the time of registering to use either the comments on the Websites, requesting contact from one of our consultants, completing any online questionnaire, registering on the Websites or the App, when you use any interactive service available via the Websites or the App, and any other time you contact us.
  • Technical data including internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Websites or the App.
  • Profile data including your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
  • Usage data including information about how you use our Websites or the App.
  • Marketing and communications data including your preferences in receiving marketing from us and our third parties and your communication preferences.

We receive the personal data listed above either directly from you when you interact and correspond with us and fill out forms on our Websites and App or from your consultant.

As you interact with our Websites and the App, we will automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. We also receive technical data from analytics providers, advertising networks, and search information providers.

Special Categories of Personal Data.

We may receive health data, including your answers to the medical questionnaire you provided to your consultant, about you from your consultant. We receive this health data based on the consent you provided to your consultant. If you wish to withdraw your consent, please contact your consultant. However, please note that withdrawing your consent may mean that you may not be able to access some or all of the Websites or the App.

Uses made of Personal Data

We will only use your personal data in accordance with the UK General Data Protection Regulation (UK GDPR).

We may use your personal data for the purposes of:

  • Registering you as a new customer or user of our Websites or App. The lawful basis for this purpose is our performance of a contract with you;
  • Processing any order you have placed via the Websites, including managing payments, fees and charges and collecting and recovering money owned to us. The lawful bases for this purpose are our performance of a contract with you and that it is necessary for our legitimate interests to recover debts due to us;
  • Managing our relationship with you, including notifying you about changes to our terms and conditions or our privacy policy. The lawful bases for this purpose are our performance of a contract with you, it is necessary for us to comply with a legal obligation, and it is necessary for our legitimate interests to keep our records updated;
  • Ensuring that content on the Websites or the App are presented in the most effective manner for you and your computer or device. The lawful basis for this purpose is that it is necessary for our legitimate interests to define types of customers for our products and services, to keep our website updated and relevant, and to develop our business;
  • Administering and protecting our business, the Websites and the App, including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data. The legitimate bases for this purpose are that it is necessary for our legitimate interests for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise and necessary for us to comply with a legal obligation;
  • Providing you with information, products or services as requested by you either through us or the network of consultants. The lawful basis for this purpose are our performance of a contract with you;
  • Making suggestions and recommendations to you about goods or services that may be of interest to you. The legal basis for this purpose is that it is necessary for our legitimate interests to develop our products and services and grow our business; and
  • Auditing carried out by the Company on the network of consultants to establish that they are providing the best service possible and are following all the Company’s Policies and Procedures that are set out to them. The legal basis for this purpose is that it is necessary for our legitimate interests of running our business and ensure that consultants delivery an appropriate level of service to our dieters; and
  • Delivering relevant website and app content and online advertisements to you and measure or understand the effectiveness of the advertising we serve to you. The legal basis for this purpose is that it is necessary for our legitimate interests of studying how customers use our products and services, to develop them, to grow our business and to inform our marketing strategy.

We will only contact you by post, email or telephone from time to time to tell you about goods and services of The 1:1 Diet by Cambridge Weight Plan which we consider may be of interest to you if you have completed an affirmative action consenting to us contacting you in relation to goods and services of the Company. If you wish to withdraw your consent at any time please email us at compliance@cwp-uk.com inserting “UNSUBSCRIBE” as the subject. We confirm that we will not contact you in this way unless we have your consent to do so. We also confirm we will not use personal data for any profiling activity or process and will not adopt any automated decision-making processes.

Disclosure of your Personal Data

We may disclose your personal data to third parties:

  • In the event that we sell any business or assets, in which case we may disclose your personal data to the prospective buyer of such business or assets;
  • If all, or substantially all, of our assets, or those of a member of our group, are acquired by a third party, in which case personal data held by it about our customers may be one of the transferred assets;
  • If we are under a duty to disclose or share your personal data to comply with any legal obligation, or to enforce or apply our terms of use or such other terms as apply to our relationship, or to protect the rights, property, or safety of us, our consultants, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction; and
  • If we determine that such disclosure is necessary in connection with any investigation or complaint regarding your use of the Websites or the App.

We may also disclose your personal data to:

  • Any member of our group, which means any subsidiaries, our ultimate holding company, and its subsidiaries, as defined in section 1159 of the Companies Act 2006 who provide IT and system administration services and undertake leadership reporting;
  • Our network of consultants for the purposes of them dealing with a request made by you for contact;
  • Service providers who provide IT and system administration services;
  • Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services;
  • HM Revenue & Customs, regulators and other authorities who require reporting of processing activities in certain circumstances;
  • Third party platform providers, including Meta, for marketing purposes in order to: (i) help us ensure we are only sending marketing communications to those parties who have consented to receiving such communications; (ii) improve relevance of our adverts that are displayed on social media platforms and third party websites, including via the use of lookalike audiences; and (iii) help us analyse and measure the performance of our adverts, including those of social media platforms and third party websites.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

When sharing your personal data with third party platform providers the measures we take to protect the security of your personal data includes providing the personal data as “hashed data”. This involves your data being scrambled into a random fixed-length value by a hashing algorithm in such a way that it cannot be returned to its original state. This protects the data as the random fixed-length value is difficult to decipher and tamper with without detection.

International transfers

We may transfer your personal data to service providers and third party platform providers that carry out certain functions on our behalf. This may involve transferring personal data outside the UK to countries which have laws that do not provide the same level of data protection as the UK law.

Whenever we transfer your personal data out of the UK to service providers, we ensure a similar degree of protection is afforded to it by ensuring that we will only transfer your personal data to countries that have been deemed by the UK to provide an adequate level of protection for personal data or using specific standard contractual terms approved for use in the UK which give the transferred personal data the same protection as it has in the UK. To obtain a copy of these contractual safeguards, please contact us at compliance@cwp-uk.com.

Cookies

Certain parts of the Websites and the App use ""cookies"" to keep track of your visit and to help you navigate between sections. A cookie is a small data file that may be stored on your computer's hard-drive when you visit a website. Cookies can contain information such as your user ID and the pages you have visited.

We use cookies to enable us to deliver content that is specific to your interests and to give us an idea of which parts of the Websites or the App you are visiting and to also recognise you when you return to the Websites or the App. Our cookies do not read data from your computer's hard-drive or read cookies created by other websites that you have visited. This means that your visit will be tracked, but that to all intents and purposes you remain anonymous.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting, you may be unable to access certain parts of the Websites or the App. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you access the Websites or the App.

Data retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

By law we have to keep basic information about our customers for six years after they cease being customers for tax purposes.

Your rights

You have the right to ask us not to process your personal data for marketing purposes. As set out above we will only process your data for marketing purposes where we have your express consent. You can exercise your right to withdraw your consent from such processing by contacting us at compliance@cwp-uk.com

Under the UK GDPR you have the following rights:

  • The right to be informed: this means anyone processing your personal data must make clear what they are processing, why, and who else the data may be passed to.
  • The right of access: this is your right to see what data is held about you by a Data Controller.
  • The right to rectification: the right to have your data corrected or amended if what is held is incorrect in some way.
  • The right to erasure: under certain circumstances you can ask for your personal data to be deleted. This is also called “the Right to be Forgotten”. The Right to be Forgotten is not absolute. It would however apply if the personal data were no longer required for the purposes it was collected, or your consent for the processing of that data has been withdrawn, or the personal data has been unlawfully processed.
  • The right to restrict processing: this gives you the right to ask for a temporary halt to processing of personal data, such as in the case of a dispute or legal case that must be concluded, or the data is being corrected.
  • The right to data portability: this gives you the right to ask for any data supplied directly to the Data Controller by you, to be provided in a structured, commonly used, and machine-readable format.
  • The right to object: you have the right to object to further processing of their data which is inconsistent with the primary purpose for which it was collected, including profiling, automation, and direct marketing.
  • Rights in relation to automated decision making and profiling; you have the right not to be subject to a decision based solely on automated processing.

If you wish to exercise any of your rights as set out above, please email us at compliance@cwp-uk.com.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Changes to the privacy policy

We reserve the right to alter this Privacy Policy at any time. Such alterations will be posted on the Websites or the App by us. It is important that you read any such alterations as and when they are posted.

Should you object to any alteration, please contact us at admin@Cambridgeweightplan.co.uk