Wellgosh Privacy Policy

Wellgosh is committed to protecting the personal privacy of all of its customers and supporters.

The data controller for data collected and processed in accordance with this Policy is Wellgosh Ltd. Registered company no. 4704574.

Wellgosh’s address is 34 High St, Leicester, Leicestershire, LE1 5YN, United Kingdom. 

Any questions regarding this Policy or any other data protection issue related to Wellgosh should be submitted in writing to the above address or by email to support@wellgosh.com.

Why Wellgosh processes personal data

Wellgosh Ltd. collects and processes some personal data for the following specific purposes:

  • to operate its website and customer services 
  • to receive, fulfil and deal with inquiries about customer orders 
  • to provide information about its products by email and social media
  • to run occasional competitions
  • to improve its services
  • to keep records of its business activities 
  • to comply with legal obligations including consumer protection and accounting requirements

All data processing is done in conformity with UK and EU Data Protection law in accordance with the legitimate interests of Wellgosh Ltd, UK legal requirements and, in the case of marketing emails and social media, the informed consent of its customers. 

The data that Wellgosh collects

Wellgosh Ltd. collects as little personal data as is possible to meet the specific purposes described above. 

To process orders from its website and store, the data that Wellgosh Ltd. collects includes customer names, addresses, emails and phone numbers.  

In order to provide customer support, additional information such as the content of email and telephone enquiries, order numbers, the last four of debit or credit cards and, occasionally, a copy of a customer’s photo ID if it is necessary to confirm their identity, may also be processed by Wellgosh Ltd. 

The Wellgosh website also uses “cookies” which enable the further processing of personal data in limited circumstances (see further below). 

Information security at Wellgosh 

Wellgosh Ltd. takes all reasonable steps to ensure that personal data is held  securely and in accordance with this Policy. Unfortunately, the transmission of information via the internet is not completely secure. Although Wellgosh Ltd. does its best to protect personal data, it cannot guarantee the security of personal data transmitted to any of its websites. Any such transmission is therefore at the data subject’s own risk. 

For personal data in its possession, Wellgosh Ltd. implements various technical and organisational measures in order to prevent unauthorised access. Wherever possible it encrypts the data it collects, transmits and stores. Access controls within the organisation limit the number of people with has access to personal information to those that need it in connection with their job responsibilities or contractual obligations.

Wellgosh’s partners and service providers 

In order to provide customer services and meet its business objectives, Wellgosh Ltd. works with a carefully chosen group of third party service providers to perform tasks on its behalf. This includes the following service providers, who perform the following tasks.

  • Google forms to collect process data about people who sign-up to receive email updates or enter competitions
  • Mailchimp and its subsidiary Mandrill to process order data and send email updates
  • Zendesk to process customer support tickets
  • Sagepay, Paypal and eBay to process order and payment information
  • Trustpilot and Reviews.co.uk to allow customers to leave feedback or review products 
  • DPD, Fedex and Royal Mail to deliver products to customers
  • Magento and eBay to provide ecommerce services
  • Facebook, Twitter and Instagram to reach users of those platforms 
  • Sonassi Ltd to host the Wellgosh website
  • Google analytics and Criteo to provide statistical information about the use of Wellgosh website
  • Google to host the Wellgosh email server

Wellgosh Ltd. only uses the above mentioned service providers to perform the specific tasks listed above. However, these service providers may also use and retain personal data in accordance with their own policies, practices and legitimate interests. 

While Wellgosh Ltd. has taken reasonable steps to ensure that these data processors comply with this policy and EU data protection regulations, users are advised to consult the privacy policies of these companies for further information about their practices. 

Wellgosh social media accounts and pages are managed by Wellgosh Ltd. staff members. Wellgosh Ltd. does not import or export any information on its followers or subscribers from or to the aforementioned platforms. Wellgosh Ltd. may however communicate through direct messaging over social media if it is contacted this way by its customers. 

Wellgosh Ltd. will never sell its customer data. 

Wellgosh Ltd. may also engage additional third-party service providers to provide services such as information technology support. These activities may involve the access to the personal data held by Wellgosh Ltd. In these instances Wellgosh Ltd. will seek to ensure as far as possible that any such data processing is carried out in accordance with this Policy. This includes conscientiously selecting service providers and only working with trusted partners.

Jurisdiction

As far as possible, the personal data that Wellgosh Ltd. collects is stored within the European Economic Area and therefore processed in accordance with EU data protection law. However, because Wellgosh Ltd. works globally, there may be occasions where personal data is processed outside of this jurisdiction, for example by staff or contractors working for Wellgosh Ltd. from other parts of the world. In these rare instances Wellgosh Ltd. takes appropriate steps to ensure that the recipients of personal data are bound by a duty of confidentiality. 

How long Wellgosh keeps personal data

Wellgosh Ltd. retains personal data only for as long as necessary in accordance with the above purposes and applicable laws. When personal data is no longer necessary for these purposes it is securely deleted. 

Where order data and financial information is concerned, Wellgosh Ltd. may be required to retain some personal data for up to seven years in order to satisfy legal or contractual obligations, or in order to establish, exercise or defend legal claims. 

For consent-based services from which the data subject can opt-out at any time such as email updates, Wellgosh Ltd. keeps personal data until its receives instructions to the contrary.

Wellgosh’s use of cookies

Like most websites, Wellgosh Ltd. uses “cookies” to enhance the user experience of visitors to wellgosh.com. Cookies are small files which are placed on web users’ computer devices to administer content to visitors to a website. Cookies also enable Wellgosh to understand how its websites are used in order to improve its services. For more information about cookies see all about cookies. 

Cookies facilitate the processing of personal data such as device IDs but Wellgosh Ltd. does not collect or retain this information itself. 

Wellgosh’s use of Google analytics enables the collection of traffic data but does not allow Wellgosh Ltd. to identify individual users or link web usage to other personal data. 

Users of wellgosh.com can choose whether to accept or decline cookies. Wellgosh.com also honours “do not track” requests. 

The following table lists the cookies used by Wellgosh.com and the information they store.

COOKIE nameCOOKIE Description
CART The association with your shopping cart.
CATEGORY_INFO Stores the category info on the page, that allows to display pages more quickly.
COMPARE The items that you have in the Compare Products list.
CURRENCY Your preferred currency
CUSTOMER An encrypted version of your customer id with the store.
CUSTOMER_AUTH An indicator if you are currently logged into the store.
CUSTOMER_INFO An encrypted version of the customer group you belong to.
CUSTOMER_SEGMENT_IDS Stores the Customer Segment ID
EXTERNAL_NO_CACHE A flag, which indicates whether caching is disabled or not.
FRONTEND You sesssion ID on the server.
GUEST-VIEW Allows guests to edit their orders.
LAST_CATEGORY The last category you visited.
LAST_PRODUCT The most recent product you have viewed.
NEWMESSAGE Indicates whether a new message has been received.
NO_CACHE Indicates whether it is allowed to use cache.
PERSISTENT_SHOPPING_CART A link to information about your cart and viewing history if you have asked the site.
POLL The ID of any polls you have recently voted in.
POLLN Information on what polls you have voted on.
RECENTLYCOMPARED The items that you have recently compared.
STF Information on products you have emailed to friends.
STORE The store view or language you have selected.
USER_ALLOWED_SAVE_COOKIE Indicates whether a customer allowed to use cookies.
VIEWED_PRODUCT_IDS The products that you have recently viewed.
WISHLIST An encrypted list of products added to your Wishlist.
WISHLIST_CNT The number of items in your Wishlist.

Your fundamental rights 

In accordance with UK and EU data protection law, persons whose data is held by Wellgosh Ltd. enjoy the following rights:

  • to be informed as to whether Wellgosh Ltd. holds data about them;
  • to get access to that information;
  • to have inaccurate data corrected;
  • to have their data deleted;
  • to opt-out of particular data processing operations;
  • to receive their data in a form that makes it “portable”;
  • to object to data processing;
  • to receive an explanation about any automated decision making and/or profiling, and to challenge those decisions where appropriate.

To make a subject access request or data protection-related complaint contact support@wellgosh.com or write to the address above. Requests can be submitted at any time. Wellgosh Ltd. will provide a response to any such requests in accordance with UK data protection law. 

Data subjects covered by EU law may also be entitled to lodge complaints in regard to data processing or the handling of subject access requests with data protection supervisory authority in their country of residence. Relevant supervisory authority names and contact details are listed here. In the UK the relevant supervisory authority is the UK Information Commissioner’s Office.

Changes to the Policy

In the event that the Policy is changed at any time, the date and nature of the change will be clearly indicated in this document. 

In the event that the change has a material impact on the handling of personal data, Wellgosh Ltd. will contact the data subjects to inform of the changes and where appropriate seek their consent.

Revisions

Last update 9 May 2018.