Healthlab Online Limited (t/a The Fast 800) and/or its subsidiaries and holding companies (including Prescribed Investments Pty Ltd ABN 92 169 233 916) (together and separately, “we” / “us” / “our” / the “Company”) is committed to protecting and respecting your privacy.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed, stored and disclosed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
By visiting
or any other website owned by us (each the Site) or using any services offered through or associated with our Site (the Services), you are deemed to have accepted and consented to the practices described in this policy.
The Site is owned and operated by Healthlab Online Limited (t/a The Fast 800), registered in England and Wales under company number 10616389 and has its registered office at 9 Thorney Leys Park, Witney, Oxfordshire, OX28 4GE (our Company Address).
We process personal data as a Data Controller, as defined in the Directive and the General Data Protection Regulation (GDPR).Our Data Protection Officer (“DPO”) who is responsible for matters relating to privacy and data protection is Paul Clare and he can be reached at security@thefast800.com.
The Site contains links to and from the websites of our partner networks, advertisers and affiliates or to websites shared by other users. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
You must respect the privacy of others and you must not disclose any personal details about other people including your family, friends, acquaintances, or other persons that may be misleading or cause them harm or offence. It is your responsibility to obtain their prior express permission in respect of any submission of their data at any time.
We collect and process personal information so we can provide our Services to you. It’s important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
The data we collect and process about you is explained in the sections below.
| How we collect the data | The types of personal data we collect |
| Data you give us – You give us information about you by filling in forms on our Site or by corresponding with us by phone, email or otherwise. This includes information you provide when you fill out our contact form, register to use the Site, record information on your Site profile or weight and activity tracker, subscribe to our marketing database, subscribe to our services, place an order on our site, participate in discussion boards or other social media functions on our Site, or report a problem with the Site. | The information you give us includes names, email address or login details, phone number, order details, spatial data (location data), and behavioural data. |
| Data we collect automatically – Each time you visit or use our Site, we automatically collect data (including personal data) about you. We use this information as statistical data about your browsing actions and patterns, for system administration, and to evaluate, provide, protect or improve our Services (including by developing new products and services). Because we collect, use and share this information in the aggregate, it does not identify any individual. | Depending on the circumstances, this could include: -technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, location, network data, browser plug-in types and versions, languages, operating system and platform; -information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from the Site (including date and time); pages you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number. |
| Data We Receive From Third Parties – We use third parties to collect data on our behalf. | We receive data from third parties such as Klaviyo and MailChimp (for marketing email automation), Google Analytics, Facebook Pixel and HotJar (for collecting behavioural information on our website), Google and FaceBook (for digital marketing services), Braintree (for payment collection), and select marketing partners such as The Daily Mail. For more information on how these companies handle your personal data, please refer to their privacy policies. |
Sensitive personal data (also known as special category data) means information related to personal data revealing racial or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; genetic data; biometric data (where used for identification purposes); data concerning health; data concerning a person’s sex life; and data concerning a person’s sexual orientation.
As part of the Services we collect sensitive personal data being data concerning health in the following ways:
We only collect sensitive personal data with your explicit consent, and you are not required to provide us with sensitive data to use our Services.
We do not knowingly or intentionally collect any other sensitive personal data or information about criminal convictions from individuals and that you should not submit sensitive data to us other than as explicitly requested by us as part of the Services.
If you do submit sensitive data to us, we will assume that you have consented to us collecting and processing that sensitive personal data in accordance with this clause.
If you submit or share any other types of sensitive personal data which we have not requested from you or which is not set out above, such as if you make this sensitive data available to other users of the Services (such as by publishing it through any forum feature we may make available from time to time) we will assume that you have purposefully made any such sensitive data manifestly public.
We use your data to carry out our Site and Services in the following ways:
We also use your data to make our Site and Services better in the following ways:
We intend to send you email marketing to inform you of our services such as promotions.
We will always ask you for your consent before sending you marketing communications, except where you have explicitly opted-in to receiving email marketing from us in the past or except where you were given the option to opt-out of email marketing when you initially signed up for your account with us and you did not do so.
You will have the right to opt out of receiving marketing communications at any time by:
We will always treat your personal data with the utmost respect and never sell or share it with other organisations for marketing purposes.
You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please notify us in writing or by email at security@thefast800.com.
All of your personal information is protected and we have put in place appropriate physical, electronic, and management procedures to safeguard and secure the data we collect. Your information is stored on secure cloud databases, internal servers, and on third party softwares. All hosting is behind firewalls and all databases and cloud storage is encrypted. Your information is only accessible by employees who have authorised access rights to such information being exclusively those who have a genuine business need to access it. All of your payment information is encrypted using SSL technology.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we use strict procedures and the security features described above to try to prevent unauthorised access. If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
We only keep your personal information for as long as it’s necessary for our original legitimate purpose for collecting the information and for as long as we have your permission to keep it. If requested, we will delete your information promptly after you close or cancel your account. You may close your Fast 800 account at any time by emailing support@thefast800.com or, if you are a Fast 800 monthly subscription user, you can cancel your subscription within “My Profile”. If you are a member on the 12-week programme, you can cancel your account any time. Users registered with thebloodsugardiet.com or cleverguts.com can request that we close their account by using the “Contact Us” form on those sites.
We routinely share personal data with service providers we use to help us run our business or provide the services or functionalities in the Services, including developers, cloud storage providers, parties such as WPEngine and Google (for data storage), Facebook and Google (for targeted online marketing), Klaviyo and MailChimp (for marketing email automation), Google Analytics, Facebook Pixel and HotJar (for collecting behavioural information on our website), and Braintree (for payment collection). These third parties have access to data we share with their platforms.
We exert no control over Google’s Privacy Policy and we therefore recommend that you consult their privacy policy for further information on how Google protects personal data – https://policies.google.com/privacy?hl=en-US
We only allow service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We also impose contractual obligations on service providers to ensure they can only use your personal data to provide services to us and to you.
We or the third parties mentioned above may occasionally also need to share your personal data with:
If you would like more information about who we share our data with and why, please contact us (see ‘How to contact us’ below). We will not share your personal data with any other third party.
You may choose to share any information, photographs or other content that you voluntarily submit to the Site either on public forums and public areas of the Site or within your private network (meaning users on the private forum or other users you have invited or accepted as members of your closed network). Such data will become available and viewable by other users as controlled by any applicable privacy settings that you define. Once you have shared your content or made it public, that content may be re-shared by others
If you choose to connect to social media networks from our Site or post any of your content on our Site to those networks, then in accordance with your social media privacy settings, the personal information that you post, transmit, or otherwise make available on the social media platform may be viewed and/or used by other users of those networks and we have no control over such viewing and use and cannot prevent further use of such information by third parties. When you interact with us through social media networks, you acknowledge that we may access your information that is held by that account, solely in accordance with your social media privacy settings.
Any links to social media are not under our control and remain solely your responsibility. You acknowledge that any information posted via social media through our Site or any third party you allow to access your content, is done entirely at your own risk and that by posting to a public platform you make that information visible to third-parties who can use that information at their discretion.
The data that we collect from or about you is transferred to, and stored at, a destination outside the European Economic Area (EEA). By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated as securely as it would be within the EEA and under the GDPR. Such steps may include our entering into contracts with any third parties we engage and the use of Commission-approved Model Contractual Clauses. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
You can obtain more details of the protection given to your personal data when it is transferred outside Europe (including a copy of the standard data protection clauses and agreements which we have entered into with recipients of your personal data) by contacting us as described in the How to Contact Us paragraph below.
You may review, modify, update, correct or remove any personal data you have submitted to the Site at any time via the Site or by contacting us (see “How to Contact Us” section below). If you remove information that you posted to the Site, copies may remain viewable in cached and archived pages of the Site, or if other users or third party APIs have copied or saved that information.
You generally have the following rights, which you can usually exercise free of charge. For more information regarding these rights, please visit the ICO website here.
| Access to a copy of your personal data | The right to be provided with a copy of your personal data. |
| Correction (also known as rectification) | The right to require us to correct any mistakes in your personal data. |
| Erasure (also known as the right to be forgotten) | The right to require us to delete your personal data—in certain situations. |
| Restriction of use | The right to require us to restrict use of your personal data in certain circumstances, e.g. if you contest the accuracy of the data. |
| Data portability | The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations. |
| To object to use | The right to object: – at any time to your personal data being used for direct marketing (including profiling) – in certain other situations to our continued use of your personal data, e.g. where we use your personal data for our legitimate interests. |
| Not to be subject to decisions without human involvement | The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you We do not make any such decisions based on data collected by the Services. |
For further information on each of those rights, including the circumstances in which they do and do not apply, please contact us (see ‘How to contact us’ below). You may also find it helpful to refer to the guidance from the UK’s Information Commissioner on your rights under the UK GDPR.
If you would like to exercise any of those rights, please complete a request form—available on our Site, via email to security@thefast800.com or by writing to us at our Company Address.
When contacting us please:
We will notify you and any applicable regulator of a breach of your personal data when we are legally required to do so.
Please contact us if you have any queries or concerns about our use of your information (see below ‘How to contact us’). We hope we will be able to resolve any issues you may have.
You also have the right to lodge a complaint with the Information Commissioner.
The Information Commissioner can be contacted at https://ico.org.uk/make-a-complaint or telephone: 0303 123 1113.
We may change this privacy policy from time to time. When we make significant changes we will take steps to inform you, for example via the Services or by other means, such as email.
You can contact us by post or email if you have any questions about this privacy policy or the information we hold about you, to exercise a right under data protection law or to make a complaint.
Our contact details are shown below:
