G-1 Nutrition
Priority supplyPriority medication supply - no shortages*
Free deliveryFree delivery for products dispatched
Privacy Policy

Privacy Policy

This Privacy Policy explains how MDS Healthcare Limited, trading as GLP-1 Nutrition, collects, uses and safeguards your personal information.
 Our website is not designed for children, and we do not knowingly collect information relating to anyone under 18.

 

 

General Information

Data Controller
 MDS Healthcare Limited (referred to as “we”, “our” or “the Company”) is the organisation responsible for deciding how your personal information is used.

We have appointed a Data Protection Officer (DPO) to handle questions regarding this Privacy Policy. If you wish to exercise any of your rights, or have concerns about how your information is handled, please contact:
 Data Protection Officer, MDS Healthcare, 464 Ranglet Road, Walton Summit, Preston, PR5 8AR
 Email: office@issagroup.com

Updates to This Policy & Keeping Your Details Accurate
 We review and update our Privacy Policy regularly. This version was last updated on 1 October 2024. Copies of previous versions are available on request.
 It is your responsibility to let us know if your personal information changes, such as a new address, telephone number or email.

Links to Other Websites
 Our website may contain links to external websites, plug-ins or applications. If you choose to follow these links, those third parties may collect information about you. We do not control these external websites and are not responsible for their privacy practices. We encourage you to check the privacy notice of any site you visit.

Raising Concerns
 You have the right to complain at any time to the Information Commissioner’s Office (ICO), the UK’s regulator for data protection (www.ico.org.uk). However, we would welcome the opportunity to resolve any issues directly, so please contact us first if you have a concern.

 

 

Personal Information We Collect

Overview
 At GLP-1 Nutrition, we respect your privacy and are committed to keeping your personal information safe. This Privacy Policy explains how we collect and use your data when you:

  • browse or use our website;

  • purchase our products or services;

  • create an online account;

  • share your details as a potential client (or when your employer does so on your behalf); or

  • contact us, including making a complaint.

It also sets out your rights and how UK law protects you.

Types of Information We Collect
 Personal information means any data that identifies you, directly or indirectly. The categories of data we may collect include:

  • Identity Information: such as your full name, previous names, username, title, marital status, date of birth, NHS number and gender.

  • Contact Information: including billing and delivery addresses, email addresses and phone numbers.

  • Financial Information: including payment details (such as PayPal or digital wallets) and card information.

  • Transaction Information: details of payments to and from you, and records of products and services you have purchased.

  • Technical Information: such as your IP address, login credentials, browser type and version, time zone, location, plug-in details, operating system, platform and device identifiers.

  • Profile Information: including login details, purchase history, preferences, interests, feedback and survey responses.

  • Usage Information: details of how you use our website, products and services.

  • Marketing Preferences: your choices around receiving marketing from us or third parties, and how you prefer to be contacted.

We may also use aggregated information (for example, statistics about how customers use our services). This data does not identify individuals and is used to monitor trends and improve our services.

Sensitive Information
 In certain cases, we may collect health-related information, as well as genetic or biometric data. We only collect this with your explicit consent and under the supervision of an appropriate medical professional. This enables us to provide services safely and in line with healthcare regulations.

We do not collect information relating to criminal convictions or offences.

 

 

How We Collect Your Information

We gather information in different ways, including:

  • Directly from you: when you complete online forms, create an account, purchase products, subscribe to services, request marketing, take part in promotions or surveys, or communicate with us by post, phone, email or otherwise.

  • Automatically: when you interact with our website, we collect technical information about your equipment and browsing behaviour using cookies and similar technologies. See our Cookies Policy for more detail.

  • From third parties and public sources: including:

    • identity verification providers (e.g. Lexis Nexis);

    • healthcare organisations and professionals (including NHS bodies, pharmacies and local authorities);

    • analytics and search providers (e.g. Google);

    • technical, payment and delivery service providers;

    • credit reference agencies;

    • publicly available sources.

 

 

How We Use Your Information

We will only process your personal information when permitted by law. The most common reasons are:

  • To perform a contract: when we need your data to provide products or services you have purchased, or to take steps at your request before entering into a contract.

  • For our legitimate interests: where it is necessary for our business operations (for example, preventing fraud, improving our services, or keeping our systems secure). We ensure that your rights and freedoms are not negatively affected.

  • To comply with the law: where we are legally required to process certain information (for example, for tax or regulatory purposes).

  • With your consent: where you have agreed to us using your data for a specific purpose, such as receiving marketing emails.

We have outlined below, in table format, how we plan to use your personal data and the legal bases we rely on. Where relevant, we have also stated our legitimate interests.

Please note that we may process your personal data under more than one lawful basis depending on the purpose. If you require details of the specific legal basis we rely on where more than one applies, please contact us.


Purpose / Use

Type of Data

Legal Basis for Processing

To register you as a new customer

(a) Identity

(b) Contact

(c) Health

Performance of a contract with you

To process and deliver your order, including:

(a) Managing payments, fees and charges

(b) Collecting and recovering money owed to us

(a) Identity

(b) Contact

(c) Financial

(d) Transaction

(e) Marketing & Communications

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to recover debts owed to us)

To provide services to you as part of your order, including:

(a) Assessing your health data

(b) Ongoing check-ins regarding use of our products and services

(c) Verifying your identity before supplying certain products/services (including medicines)

(a) Identity

(b) Contact

(c) Profile

(d) Transaction

(e) Health

(a) Performance of a contract with you

(b) Necessary to comply with a legal obligation

(c) Necessary for our legitimate interests (to manage our relationship with you)

To manage our relationship with you, including:

(a) Informing you of changes to our terms or policies

(b) Handling your requests, complaints and queries

(c) Contacting you to complete an unfinished consultation

(a) Identity

(b) Contact

(c) Profile

(d) Marketing & Communications

(e) Health

(a) Performance of a contract with you

(b) Necessary to comply with a legal obligation

(c) Necessary for our legitimate interests (to keep records updated and manage our relationship with you)

(d) Consent, where we have obtained your agreement to be contacted

To allow you to participate in a prize draw, competition or survey

(a) Identity

(b) Contact

(c) Profile

(d) Usage

(e) Marketing & Communications

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to study customer use of our products/services, to develop them and grow our business)

To administer and protect our business and website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting)

(a) Identity

(b) Contact

(c) Technical

(a) Necessary for our legitimate interests (to run our business, IT and network security, fraud prevention, or in a business reorganisation/restructuring)

(b) Necessary to comply with a legal obligation

To deliver relevant website content and online advertising, and measure the effectiveness of advertising

(a) Identity

(b) Contact

(c) Profile

(d) Usage

(e) Marketing & Communications

(f) Technical

Necessary for our legitimate interests (to understand customer behaviour, develop products/services, grow our business and inform our marketing strategy)

To use analytics to improve our website, products/services, customer relationships and communications

(a) Technical

(b) Usage

Necessary for our legitimate interests (to identify customer types, keep our website relevant, develop our business and inform our marketing strategy)

To send you marketing communications and personalised recommendations about our goods or services

(a) Identity

(b) Contact

(c) Technical

(d) Usage

(e) Profile

(f) Marketing & Communications

(g) Health

(a) Necessary for our legitimate interests (to conduct direct marketing, develop our products/services and grow our business)

(b) Consent, where you have agreed to receive direct marketing

To send you marketing about third-party products and/or services

(a) Identity

(b) Contact

(c) Technical

(d) Usage

(e) Profile

(f) Marketing & Communications

(g) Health

(a) Necessary for our legitimate interests (to conduct direct marketing, develop our products/services and grow our business)

(b) Consent, where you have agreed to receive third-party marketing

To carry out market research where you voluntarily participate in surveys

(a) Identity

(b) Contact

(c) Profile

(d) Usage

(e) Marketing & Communications

Necessary for our legitimate interests (to understand how customers use our products/services and to improve and develop them)

To complete audits of our services

(a) Identity

(b) Contact

(c) Technical

(d) Usage

(e) Profile

(f) Health

(a) Performance of a contract with you

(b) Necessary to comply with a legal obligation

(c) Necessary for our legitimate interests (to manage relationships, improve services and ensure compliance with laws/regulations)



Change of Purpose

We will only use your personal data for the purposes for which it was collected, unless we reasonably consider that it is necessary to use it for another reason that is compatible with the original purpose. If you would like an explanation of how the new use is compatible, please contact us.
 If we need to use your personal data for an unrelated purpose, we will inform you and explain the legal basis that allows us to do so.
 Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where required or permitted by law.

 

 

If You Do Not Provide Personal Data

Where we are required by law, or under the terms of a contract with you, to collect personal data and you do not provide it, we may not be able to perform the contract we have with you (for example, to provide you with our products or services). In such cases, we may need to cancel a product or service you have with us, but we will let you know at the time.

 

 

Marketing

Direct Marketing
 When your personal data is collected on our website, including during registration or ordering, you may be asked to confirm your preferences for receiving direct marketing by opting in. We may also analyse your Identity, Contact, Technical, Usage and Profile Data to identify which products, services or offers may interest you, and use this to send relevant marketing communications.

Third-Party Marketing
 Unless required to refer you to another service, we will not share your personal data with third parties for marketing. On the rare occasion we do, we will obtain your express consent before doing so.
 We will never sell your personal data.

Opting Out of Marketing
 You can opt out of receiving marketing communications at any time by following the unsubscribe instructions provided in each communication.
 Even if you opt out of marketing, you will continue to receive essential service-related communications (for example, order confirmations).

 

 

Disclosures & Transfers

Disclosures of Your Personal Data
 We may share your personal data, where necessary, with the following third parties for the purposes described above:

  • healthcare professionals involved in your care;

  • regulators overseeing our services;

  • the police for crime prevention and detection, including fraud;

  • service providers acting for you in the prescribing, dispensing and supply of medicines;

  • service providers based in the UK and EEA who provide IT and administrative services;

  • professional advisers, including lawyers, bankers, auditors and insurers, based in the UK and EEA;

  • HMRC, regulators and other UK authorities requiring reporting in specific circumstances;

  • third parties in the event of a sale, transfer or merger of our business or assets.

All third parties are required to respect the security of your personal data and handle it in accordance with the law. Where they act as processors, they may only process your data for specified purposes and under our instructions. Where third parties act independently in providing services to you, they are responsible for their own use of your personal data, and you should refer to their privacy policy. Please see our website T&Cs for details of such providers.

International Transfers
 Your information is stored on secure servers within the UK / EEA.
 We may transfer your personal data to service providers outside the UK where necessary. These countries may not offer the same level of protection as UK law.
 Whenever data is transferred outside the UK, we ensure appropriate safeguards, such as:

  • the country or organisation has been recognised as providing adequate protection;

  • processors use ISO27001 and/or SOC-2 certified systems; or

  • we have a contract in place with approved terms to protect your data.
     For a copy of these contractual safeguards, please contact us.

 

 

Security & Retention

Data Security
 We have implemented suitable measures to protect your personal data from accidental loss, unauthorised access, use, alteration or disclosure. Access is limited to employees, agents, contractors and third parties who need it for business purposes and are bound by confidentiality.
 We have procedures in place to deal with suspected data breaches and will notify you and the relevant regulator where legally required.

Data Retention
 We only keep your personal data for as long as necessary to fulfil the purposes we collected it for, including legal, regulatory, tax, accounting or reporting obligations. Data may be kept longer in case of a complaint or if litigation is likely.
 Retention periods are determined by the type, amount and sensitivity of the data, the risk of unauthorised use, the purposes of processing and any legal requirements.
 By law, we must keep certain information (such as Contact, Identity, Financial and Transaction Data) for six years after a customer relationship ends, for tax purposes. Where your personal data is part of a ‘health record’, it will be retained in line with NHS guidance (https://transform.england.nhs.uk/information-governance/guidance/records-management-code/).
 You may ask us to delete your personal data in certain circumstances – see Your Legal Rights below.
 We may also anonymise your personal data for research or statistical purposes, in which case we may use it indefinitely without further notice.

 

 

Your Rights

Legal Rights
 Under data protection laws, you have the following rights:

  • Access: request a copy of your personal data (data subject access request).

  • Correction: request correction of inaccurate or incomplete data.

  • Erasure: request deletion of your personal data in certain circumstances.

  • Object: object to processing where we rely on legitimate interests, or to direct marketing.

  • Restriction: request restriction of processing in specific cases (e.g. accuracy disputed, unlawful processing, legal claims).

  • Data Portability: request transfer of your personal data to you or another party in a structured, commonly used, machine-readable format (applies to automated processing with consent or contract).

  • Withdraw Consent: withdraw consent at any time where consent is the legal basis. This will not affect prior processing.

If you wish to exercise these rights, please contact us.

No Fee Usually Required
 You will not usually have to pay to exercise your rights. We may charge a reasonable fee or refuse to act if a request is unfounded, repetitive or excessive.

What We May Need From You
 We may need to verify your identity before responding to your request, as a security measure. We may also ask for additional details to help us respond more quickly.

Time Limit to Respond
 We aim to respond within one month. If your request is complex or you have made multiple requests, it may take longer, in which case we will keep you informed.

 

 

Cookies Policy

Our website uses cookies to distinguish you from other users. This helps us provide you with a good browsing experience and allows us to improve our website.
 A cookie is a small file of letters and numbers stored on your browser or computer, if you agree. Cookies contain information transferred to your computer’s hard drive.

We use the following types of cookies:

  • Strictly necessary cookies: required for website operation (e.g. logging in, shopping carts, e-billing). These can be disabled in your browser, but some site functions may not work.

  • Analytical/performance cookies: allow us to count visitors and see how they move around the site, helping us improve navigation and functionality.

  • Functionality cookies: used to recognise you when you return, enabling us to personalise content, greet you by name and remember preferences (e.g. language or region).

  • Targeting cookies: record pages visited and links followed, allowing us to tailor website content and advertising to your interests.

 

 

You can find more information about the individual cookies we use and the purposes for which we use them in the table below:

 

Cookie Name

1st Party / 3rd Party

Cookie Type

Purpose

Duration

_ga

3rd party

Analytical

Records a unique ID to generate data about website usage.

2 years

cart_currency

1st party

Necessary

Used for shopping cart functionality.

14 days

secure_customer_sig

1st party

Necessary

Used for customer login.

11 months & 30 days

_uetsid

3rd party

Advertising

Tracks visitor behaviour across sites to show relevant ads and limit repeated ads.

Persistent

_uetvid

3rd party

Advertising

Tracks visitors across multiple sites to display targeted ads.

Persistent

_uetsid_exp

3rd party

Advertising

Stores expiry date for the corresponding _uetsid cookie.

Persistent

_gcl_au

3rd party

Advertising

Used by Google AdSense to test ad efficiency across websites.

2 months & 29 days

IDE

3rd party

Advertising

Measures ad conversion rates.

1 year, 11 months & 29 days

test_cookie

3rd party

Advertising

Checks if the user’s browser supports cookies.

15 minutes

landing

3rd party

Advertising

Tracks interactions with online ads.

Session

_cmp_a

3rd party

Advertising

Tracks user interactions with ads.

1 day

_orig_referrer

3rd party

Advertising

Tracks landing pages.

13 days

_tracking_consent

3rd party

Advertising

Stores user tracking preferences.

11 months & 30 days

_landing_page

3rd party

Advertising

Tracks landing pages.

13 days

_fbp

3rd party

Advertising

Facebook pixel used to identify visitors for personalised advertising.

2 months & 29 days

ANONCHK

3rd party

Advertising

Unique identifier for Bing ad viewers.

10 minutes

lastExternalReferrer

3rd party

Advertising

Tracks how a user arrived at the website.

Persistent

lastExternalReferrerTime

3rd party

Advertising

Tracks how a user arrived at the website.

Persistent

SRM_B

3rd party

Advertising

Atlast Adserver used with Bing; expires after 180 days.

1 year & 24 days

ga#

3rd party

Customisation

Distinguishes users via randomly generated client IDs to calculate visits and sessions.

1 year, 1 month & 4 days

634760505

3rd party

Customisation

Analytics.

Session

CLID

3rd party

Customisation

Identifies first-time Clarity users on any site.

11 months & 30 days

_clsk

3rd party

Customisation

Connects multiple page views into a single Clarity session.

23 hours & 59 minutes

_clck

3rd party

Customisation

Persists Clarity User ID and preferences.

11 months & 30 days

MUID

3rd party

Customisation

Sets a unique user ID for tracking site usage.

1 year & 24 days

c.gif

1st party

Analytics

Analytics tracking.

Session

MR

3rd party

Performance

Used by Microsoft to reset or refresh the MUID cookie.

7 days

SM

3rd party

Performance

Session cookie to collect anonymous usage data for site improvement.

Session

cart_sig

1st party

Performance

Used in connection with shopping carts.

1 month

cart_ts

1st party

Performance

Used in connection with checkout.

1 month

cache-sprite-plyr

1st party

Performance

Stores preferences for language and region for personalised browsing.

Persistent

Disabled Cookies

3rd party

Various

Cache-sprite-plyr, protectionVariants, localization, @firebase/performance/configexpire, recentlyViewedProducts, cart, keep_alive, __kla_id, @firebase/performance/config, widgetState, _cltk, __kla_viewed, dicbo_id, Priority, _pay_session, MSPTC, Priority, Priority

Disabled

 

Please note that we have no control over the third party cookies listed above. These name third parties include advertising networks and providers of external services like web traffic analysis services. These third party cookies are likely to be analytical cookies or performance cookies or targeting cookies. To deactivate the use of third party advertising cookies, you may visit the relevant consumer page to manage the use of these types of cookies. To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout

If you do not want to accept cookies, you can change your browser settings so that cookies are not accepted. If you do this, please be aware that you may lose some of the functionality of this website. For further information about cookies and how to disable them please go to the Information Commissioner’s webpage on cookies: https://ico.org.uk/for-the-public/online/cookies/. Alternatively, you may wish to visit www.allaboutcookies.org which contains comprehensive information on how to do this on a wide variety of browsers. You will also find details on how to delete cookies from your computer, as well as more general information about cookies. Please note that, as these websites are not owned or operated by us, we are not responsible for any of the content on them.

;