Privacy Policy
Last updated: 5 June 2026
This Privacy Policy explains how Vibrantiactiveis.ddd (“we”, “us”, “our”) collects, uses, stores, and shares personal data when you visit https://vibrantiactiveis.world/ or contact us.
Following the United Kingdom’s withdrawal from the European Union, data protection in Great Britain is governed by the UK General Data Protection Regulation (UK GDPR) — the retained EU GDPR as amended and incorporated into UK law — together with the Data Protection Act 2018 (DPA 2018). Cookie and similar technologies are additionally regulated by the Privacy and Electronic Communications Regulations 2003 (PECR), as amended. References to “GDPR” in this policy mean the UK GDPR unless stated otherwise.
This policy applies to visitors and enquirers in the United Kingdom. If you access our site from outside the UK, local laws may also apply to you.
1. Data Controller, ICO Registration, and Contact
The data controller responsible for your personal data is:
Vibrantiactiveis.ddd
Janson Rd, Shirley, Southampton SO15 5GJ, United Kingdom
Email: chat@vibrantiactiveis.world
Phone: +44 7971 442093
We process personal data as a data controller and are registered with the Information Commissioner’s Office (ICO) under the UK data protection fee regime (organisations that process personal data for specified purposes must pay a fee to the ICO). Our ICO registration reference is ZB518472. You can verify registration at ico.org.uk.
For data protection enquiries or to exercise your rights, email chat@vibrantiactiveis.world with the subject line “Data protection request”. We are not required to appoint a Data Protection Officer under UK GDPR Article 37, but you may contact us directly for any privacy matter.
2. Personal Data We Collect
We may collect the following categories of personal data:
- Identity and contact data: name and email address when you submit our contact form.
- Communication data: message content, date and time of enquiry, and records of our replies.
- Consent records: whether you agreed to data processing (GDPR checkbox) and cookie preferences.
- Technical data: IP address, browser type and version, time zone, operating system, device type, pages viewed, time on page, and referral URL.
- Usage data: aggregated analytics about how the website is used (only where you consent to analytics cookies).
We do not routinely collect special category data (e.g. detailed health information). Please avoid sending sensitive personal data via the contact form unless necessary; if you do, you consent to our processing it solely to respond to your enquiry.
We do not collect payment card data on this website. Event registration, where offered, is handled by enquiry only unless stated otherwise.
3. How We Collect Data
- Directly from you — contact form, email, or phone.
- Automatically — server logs and cookies/local storage (see our Cookie Policy).
- Third parties — hosting providers may process technical logs; embedded Google Maps may process location-related data under Google’s terms when you interact with the map on our Contact page.
4. Purposes, Lawful Bases, and Necessity
Under UK GDPR Article 6, we rely on the lawful bases below. Where we rely on legitimate interests, we have balanced our interests against your rights and concluded that processing is necessary and proportionate.
| Activity | Purpose | Lawful basis | Data categories |
|---|---|---|---|
| Contact form | Respond to questions and event interest | Legitimate interests (running our service) / Steps prior to contract at your request | Identity, contact, communication, consent |
| Website operation | Deliver pages, maintain security, prevent abuse | Legitimate interests / Legal obligation where applicable | Technical data |
| Cookie consent storage | Record and honour your cookie choices | Legal obligation (PECR) / Legitimate interests | Consent records, technical data |
| Analytics | Understand site use and improve content | Consent (PECR for non-essential cookies) | Usage, technical data |
| Marketing | Measure campaigns if enabled | Consent | Usage, technical data |
| Legal claims & compliance | Establish, exercise, or defend legal rights; comply with law | Legal obligation / Legitimate interests | All relevant categories |
Mandatory fields: Name, email, message, and GDPR consent are required to use the contact form. Without them we cannot process your enquiry. Consequences: if you do not provide required data, we cannot reply via the form (you may still email or call us).
5. Legitimate Interests
Where we rely on legitimate interests, these include: operating an informative website; responding to correspondence; protecting our network from attacks; and keeping appropriate business records. You have the right to object to processing based on legitimate interests where UK GDPR Article 21 applies. Contact us with your reasons; we will assess your request and respond within one month.
6. Marketing Communications (PECR)
We do not send unsolicited marketing email without your consent. If you contact us about events or workshops, we may reply with relevant information about that enquiry only. Any future optional newsletter would require separate opt-in with an easy unsubscribe mechanism. We maintain a suppression list to honour opt-outs.
7. Recipients and Processors
We may share personal data with:
- IT and hosting providers — website hosting, email delivery, and security services (processors under UK GDPR Article 28 contracts).
- Professional advisers — lawyers or accountants where necessary (under confidentiality duties).
- Regulators and authorities — ICO, police, or courts when required by law.
- Google Ireland Limited — if you use embedded maps (see Google Privacy Policy).
We do not sell your personal data. We require processors to process data only on our documented instructions and to apply appropriate security measures.
8. International Transfers
We aim to store and process data within the United Kingdom. If any processor transfers personal data outside the UK, we ensure a valid transfer mechanism under UK GDPR Chapter V, such as:
- UK adequacy regulations (where the destination country is approved);
- UK International Data Transfer Agreement (IDTA) or Addendum to EU Standard Contractual Clauses; or
- Another approved safeguard or explicit derogation where permitted.
Request further information about safeguards by contacting us.
9. Retention Periods
- Contact form and email enquiries: up to 24 months from last contact, unless a longer period is needed for legal claims.
- Server and security logs: up to 90 days.
- Cookie consent records: up to 12 months (browser/local storage) and aligned server records where held.
- Marketing consent records: for the duration of consent plus 6 years for regulatory evidence.
- Legal claims: up to 6 years after the matter closes (Limitation Act 1980, where applicable).
When retention ends, we delete or anonymise data securely.
10. Security and Data Breaches
We implement appropriate technical and organisational measures under UK GDPR Article 32, including HTTPS/TLS encryption, access controls, and contractual security obligations with processors. No online transmission is completely secure; please use a secure email environment when contacting us.
If we become aware of a personal data breach likely to affect your rights, we will notify the ICO within 72 hours where required under UK GDPR Article 33 and inform you without undue delay when Article 34 requires it.
11. Automated Decision-Making and Profiling
We do not use automated decision-making or profiling that produces legal or similarly significant effects on you (UK GDPR Article 22).
12. Your Rights Under UK GDPR
Subject to conditions and exemptions in the DPA 2018, you have the right to:
- Access — receive a copy of your personal data (Article 15).
- Rectification — correct inaccurate data (Article 16).
- Erasure — request deletion in certain circumstances (Article 17).
- Restriction — limit processing in certain cases (Article 18).
- Data portability — receive data you provided in a structured, machine-readable format where processing is based on consent or contract and carried out by automated means (Article 20).
- Object — object to processing based on legitimate interests or for direct marketing (Articles 21–22).
- Withdraw consent — at any time where processing is based on consent, without affecting lawfulness before withdrawal (Article 7(3)).
How to exercise your rights: email chat@vibrantiactiveis.world with sufficient detail to identify you and the right you wish to exercise. We may request proof of identity where necessary to prevent unauthorised disclosure. We respond within one calendar month, extendable by up to two further months for complex requests (we will explain any extension).
We do not charge a fee unless requests are manifestly unfounded or excessive.
13. Right to Complain to the ICO
You have the right to lodge a complaint with the UK supervisory authority:
Information Commissioner’s Office (ICO)
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, United Kingdom
Website: ico.org.uk/make-a-complaint
Helpline: 0303 123 1113
We encourage you to contact us first so we can try to resolve your concern.
14. Children
Our website is directed at adults interested in general lifestyle and nutrition information. We do not knowingly collect personal data from children under 13. If you are 13–17, please obtain parental or guardian consent before contacting us. If we learn we have collected a child’s data without appropriate consent, we will delete it promptly.
15. Third-Party Websites
Our site may link to external websites. We are not responsible for their privacy practices. Review their policies before providing personal data.
16. Online Advertising
We may use online advertising platforms to promote our free educational content. Where remarketing or conversion measurement is used, it relies on cookies or similar technologies only after you consent via our cookie banner (marketing/analytics categories). Google may process data under its own privacy policy: policies.google.com/privacy. Our adverts describe the website accurately and do not promote prescription medicines or guaranteed health outcomes.
17. Changes to This Policy
We may update this Privacy Policy to reflect legal or operational changes. The “Last updated” date will change accordingly. Material changes may be notified on our homepage. Continued use after changes constitutes acknowledgement of the updated policy where permitted by law.
18. Related Policies
See also our About Us, Cookie Policy, Terms of Use, and Contact page.