Privacy Policy and GDPR Compliance

BellyProof LTD is committed to safeguarding your privacy. Contact us if you have any questions or problems regarding the use of your Personal Data and we will gladly assist you.

By using this site or/and our services, you consent to the Processing of your Personal Data as described in this Privacy Policy.

Clarification on MovementFirst.co.uk and BellyProof.com

BellyProof LTD is a registered trademark and our brand name. We use BellyProof.com as a platform to present and market our on-line services.

BellyProof.com does not gather any identifying personal data, it does make use of the following:

General cookies (non-identifying) to improve user experience and navigation.
Standard Facebook Pixel (described further below)
Anonymized traffic analytics by Google Analytics used to understand how users are engaging with the content in order to improve it.

In simple terms, that means the BellyProof.com website uses cookies but does not directly collect and store any personal information about you.

MovementFirst.co.uk is where all user interaction happens, where members can register, purchase or subscribe to content as well as request and receive support. All processing of any identifying information happens on the MovementFirst.co.uk website, which operates as part of the BellyProof brand.

If you wish to see the personal data we collected on you (regardless if you are a customer or a free member) in a machine readable format or make a request to delete your account (excluding information regarding purchases you have made), please contact us or make a data request here. You can also view more detailed information about any transactions, subscriptions or update your contact information at your My Account page. We will do our best to assist you with anything within 72 hours should you need us to.

Please note: if you have made a purchase and need to access the content you paid for, you will need your account to do so.

Definitions used in this Policy
Data protection principles we follow
What rights do you have regarding your Personal Data
What Personal Data we gather about you
How we use your Personal Data
Who else has access to your Personal Data
How we secure your data
Information about cookies
Contact information

Personal Data – any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.
Processing – any operation or set of operations which is performed on Personal Data or on sets of Personal Data.
Data subject – a natural person whose Personal Data is being Processed.
Child – a natural person under 16 years of age.
We/us (either capitalized or not) – BellyProof LTD (operating both as BellyProof.com and MovementFirst.co.uk)

We promise to follow the following data protection principles:

Processing is lawful, fair, transparent. Our Processing activities have lawful grounds. We always consider your rights before Processing Personal Data. We will provide you information regarding Processing upon request.
Processing is limited to the purpose. Our Processing activities fit the purpose for which Personal Data was gathered.
Processing is done with minimal data. We only gather and Process the minimal amount of Personal Data required for any purpose.
Processing is limited with a time period. We will not store your personal data for longer than needed. In the case you have paid for a product, we will never dismiss the record to allow you to access your purchase at any time, unless you request for your account to be deleted. If we detect you have subscribed to a free service, which is not being used by you, we will attempt to contact you to verify your wishes before deleting your subscription.
We will do our best to ensure the integrity and confidentiality of data.

The Data Subject has the following rights:

Right to information – meaning you have to right to know whether your Personal Data is being processed; what data is gathered, from where it is obtained and why and by whom it is processed.
Right to access – meaning you have the right to access the personal data collected from/about you. This includes your right to request and obtain a copy of your Personal Data gathered.
Right to rectification – meaning you have the right to request rectification or erasure of your Personal Data that is inaccurate or incomplete.
Right to erasure – meaning in certain circumstances you can request for your Personal Data to be erased from our records.
Right to restrict processing – meaning where certain conditions apply, you have the right to restrict the Processing of your Personal Data.
Right to object to processing – meaning in certain cases you have the right to object to Processing of your Personal Data, for example in the case of direct marketing.
Right to lodge a complaint – in the event that we refuse your request under the Rights of Access, we will provide you with a reason as to why. If you are not satisfied with the way your request has been handled please contact us.
Right for the help of supervisory authority – meaning you have the right for the help of a supervisory authority and the right for other legal remedies such as claiming damages.
Right to withdraw consent – you have the right withdraw any given consent for Processing of your Personal Data.

Information you have provided us with
This might be your e-mail address, name, location address etc – mainly information that is necessary for delivering you a product/service or to enhance your customer experience with us.

We retain some fitness information such as messages you communicate to us, including if you have any health conditions that affect your ability to do the program, dietary preferences or requirements, your weight and body fat percentage and some supplements preferences. We store this information safely in our database and it is only available to you (the end user) and us (when we need to provide support). We never pass any personal or health information about you, in any shape or form, to any third party for any reason. We only use this information to communicate with you, personalize your experience and make better decisions regarding the recommendations we give you.

The information is stored securely on Google Servers (email communications via “Gmail / Google Mail”) and our a secure MySQL databases located in London, United Kingdom. Our website and databases operates from servers physically located in the UK (via our hosting provider TSOHOST) and is further optimized for security and faster delivery via the CloudFlare CDN service.

Personal Communications

Some customers choose to contact us about a variety of subjects, often for advice. In some of those communications, there may be sensitive details you have chosen to share with us, such as personal body images, health conditions or medications you take. These communication are usually initiated by users or people interested in our services via a range of communication platforms including emails, facebook, whatsapp etc.

We aim to do our best to help and give good, relevant advice. Unless you request us to delete these communications, we keep them so that we can continue to help and reference previous conversations should you contact us again at a later date (for example, after you started one of our programs).

We periodically delete sensitive information about you from our personal records (such as personal Gmail / Facebook account) after two (2) years, when it’s no longer useful for our communications with you.

Information automatically collected about you
This includes information that is automatically stored by cookies and other session tools. For example, your shopping cart information, your IP address, your shopping history (if there is any) etc. This information is used to improve your customer experience. When you use our services or look at the contents of our website, your activities may be logged. This is required by the platform we are using to ensure you can maintain your session without being logged out in the middle of the process.

Information from our partners
We gather information from our trusted partners with confirmation that they have legal grounds to share that information with us. This is either information you have provided them directly with or that they have gathered about you on other legal grounds. See the list of our partners here.

We use your Personal Data on legitimate grounds and/or with your Consent.

On the grounds of entering into a contract or fulfilling contractual obligations, we Process your Personal Data for the following purposes:

to identify you;
to provide you a service or to send/offer you a product;
to communicate either for purchasing, invoicing or to provide customer support.

On the ground of legitimate interest, we Process your Personal Data for the following purposes:

To send you personalized offers.
To administer and analyse our client base (purchasing behaviour and history) in order to improve the quality, variety, and availability of products/ services offered/provided;
To conduct questionnaires concerning client satisfaction;

As long as you have not informed us otherwise, we consider offering you products/services that are similar or same to your purchasing history/browsing behaviour to be our legitimate interest.

With your consent we Process your Personal Data for the following purposes:

To give you access to our services, programs and identify visitors from paid members.
To send you newsletters, updates about your purchases and from time to time, to let you know if we are holding special offers.
To send you reports you request, a personalized meal plan if you have purchased the service and requested it and to provide customer support.

We save your billing information and other information gathered about you for as long as needed for accounting purposes or other obligations deriving from law, but not longer than 7 years.

We will not use or process your personal information for any other purpose without your prior consent.

Personal Data about you is in some cases provided to our trusted partners in order to either make providing the service to you possible or to enhance your customer experience. We only work with Processing partners who are able to ensure adequate level of protection to your Personal Data. We will only disclose your Personal Data to third parties or public officials if required by law. We share your data with:

Our Personal Data processing partners:

SendGrid – We make use of SendGrid servers to processes emails (both newsletter emails and transnational emails). Please be aware that SendGrid will store some information about all emails sent through its servers, including how users interact with the emails.
OneSignal – We make use of OneSignal on some platform to allow you to receive notifications from the website. This is done by consent (“this website would like to send you notifications” box with agree / disagree buttons). You can always withdraw your consent (here is a guide if you would like to do so).

Our Sensitive Data processing partners:

PayPal and Stripe (see “How do we process payment and what data is saved” below).

To view the privacy policy for the service outlines above see: SendGrid, OneSignal, PayPal, Stripe.

How do we process payment and what data is saved

Regular and Subscription Payments – We offer a subscription service (BellyProof Muscle) and a number of services who requires one time payment. While we present the offers and pricing on our websites, authorization and payment happens entirely offsite at either PayPal servers or Stripe servers (this is determined by you at the checkout page). Both payment processors operate under the highest security technologies to keep your financial data secure and we can only trigger a payment through our website if you have pre-authorized it in an agreed interval (e.g. every three months for a subscription). You can view, cancel and refund (within 14 days) any paid subscription in your “my account” page or by contacting us.
Financial Data – We operate a register of all orders (completed, refunded, cancelled or on-hold) and contact information associated with them. This is to ensure compliance with tax regulations and to keep our records in-line with government requirements. We also use this data to provide support for products you purchase from us. Even though you may choose to enter your credit card details to initiate payment, we will never save any financial information (processing, authorization and payment processing happens strictly on Stripe or PayPal secured servers).

We do our best to keep your Personal Data safe. We use safe protocols for communication and transferring data (such as HTTPS). We use anonymising tools where suitable. We monitor our systems for possible vulnerabilities and attacks. It’s important for you to know that we do not at any level, store critical information such as social security numbers or financial data such as credit cards.

Even though we try our best we can not guarantee the security of information. We are legally required to notify both you and the authorities in case of data breaches. We will also notify you if there is a threat to your rights or interests. We will do everything we reasonably can to prevent security breaches and to assist authorities should any breaches occur.

Our websites are stored on servers physically located in the United Kingdom (via our hosting provider TSOHOST) and are further optimized for security and performance by the CloudFlare CDN network.

If you have an account with us, note that you have to keep your username and password private.

Links to Privacy Policies of mentioned services: CloudFlare, TSOHOST

Children

We do not intend to collect or knowingly collect information from children. We do not target market our services to children.

We use cookies and/or similar technologies to analyse customer behavior, administer the website, track users’ movements, and to collect information about users. This is done in order to personalize and enhance your experience with us.

A cookie is a tiny text file stored on your computer. Cookies store information that is used to help make sites work. Only we can access the cookies created by our website. You can control your cookies at the browser level. Choosing to disable cookies may hinder your use of certain functions.

We use cookies for the following purposes:

Necessary cookies – these cookies are required for you to be able to use some important features on our website, such as logging in and verifying your identity. These cookies don’t collect any personal information. We do operate an activity log to identify potential security threats although they are not kept for more than 60 days.
Functionality cookies – these cookies provide functionality that makes using our service more convenient and makes providing more personalized features possible. For example, they might remember your name and e-mail in forms so you don’t have to re-enter this information next time or whether you have been previously introduced to a special offer on the website.
Analytics cookies – these cookies are used to track the use and performance of our website and services.

You can remove cookies stored in your computer via your browser settings. Alternatively, you can control some third party cookies by using a privacy enhancement platform such as optout.aboutads.info or youronlinechoices.com. For more information about cookies, visit allaboutcookies.org.

We use Google Analytics to measure traffic on our website and to conduct historical research. This is used to understand how users interact with our website, improve content and make decisions to improve user experience. The information is anonymized and cannot be attributed to you. We have audited all the website plugins and url parameters to make sure no personal information is relayed to google analytics, a required condition set by Google terms of use. Google has their own Privacy Policy which you can review here. If you’d like to opt out of tracking by Google Analytics, visit the Google Analytics opt-out page.

Upon consent, we may use a standard Facebook pixel to determine audiences who engage with various pages and subjects on the website. That means if you have viewed a page on a certain subject, that will help us “re-target” you on Facebook and its’ associated platforms to show you more information or offers that relevant to the pages and subject you were looking at. We do not store information on who you are but rather we let Facebook record your visit to pages on our websites in order to see if we can offer you more relevant information on the subjects you viewed. You are in control of this feature via your Facebook account settings and can opt-out of it by default if you choose to at any point in time. Here is a guide on how to opt out of the Facebook pixel.

Here are the direct links to the Privacy Policies for the following services: Google Analytics, Facebook.

We make use of video embeds (YouTube Privacy Policy and Vimeo Privacy Policy) which may collect some data from you anonymously. For example, what device and screen size you use, your connect speed and how much of the video you are viewing, in order to deliver a better experience. This process only occurs once you click to play a video.

We use standard social sharing functionality to allow you to share content on popular social media platforms such as Facebook, Google Plus, Twitter, LinkedIn and Pinterest. These third parties send some data to understand who you are, whether you have subscribed, liked or shared the requested content before, whether you have an account and you are logged in to the social provider and the page you are attempting to share.

You may at any given time change your cookie preferences at the bottom of this page.

Supervisory Authority

https://ico.org.uk

We reserve the right to make change to this Privacy Policy.
Last modified: 23rd of May 2018

We are committed to conducting our business in accordance with these principles in order to ensure that the confidentiality of personal information is protected and maintained.