Privacy Policy
We are committed to protecting your personal data and your right to privacy. This policy explains how we collect, use, and safeguard your information.
Contents
1. Who We Are
Vance Medical Foods Ltd ("Vance Medical", "we", "us", or "our") is the data controller responsible for your personal data collected through the Gastro Health Hub platform at gastrohealthhub.com.
We are committed to processing your personal data lawfully, fairly, and transparently in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Information We Collect
Information you provide directly
- Account registration: name, email address, password (hashed), and account type (patient or healthcare professional)
- Profile information: optional fields such as condition type, clinical specialty, and profile preferences
- Contact forms: name, email address, and message content
- Tool inputs: data you enter into calculators, health trackers, quizzes, and the AI chat feature
Information collected automatically
- Usage data: pages visited, features used, time on site, click interactions
- Device & technical data: IP address, browser type and version, operating system, referring URLs
- Cookies: session and preference data as described in Section 6
Information we do not collect
We do not collect special category data (e.g. diagnosed medical conditions) unless you choose to provide it for the purpose of using our personalisation tools. Such data is processed only with your explicit consent and is not shared with third parties for marketing purposes.
3. How We Use Your Information
| Purpose | Examples |
|---|---|
| Providing the Platform | Creating and managing your account; delivering personalised content and tool results |
| Communication | Responding to enquiries; sending service-related updates (e.g. password resets) |
| Improving the Platform | Analysing usage patterns; identifying bugs; developing new features |
| Safety & Security | Detecting and preventing fraud, abuse, or unauthorised access |
| Legal Obligations | Complying with applicable law, regulatory requests, or court orders |
4. Legal Basis for Processing
Under UK GDPR, we rely on the following lawful bases:
- Contract performance — to provide your account and deliver the services you have requested
- Legitimate interests — to improve and secure the Platform, and to communicate relevant service updates, where our interests are not overridden by your rights
- Legal obligation — to comply with applicable law
- Consent — where you have given explicit consent, such as for optional personalisation features or marketing communications. You may withdraw consent at any time
5. Sharing Your Data
We do not sell your personal data. We may share your information with:
- Service providers acting as data processors on our behalf — including web hosting, analytics, email delivery, and AI model providers — under strict data processing agreements
- Professional advisors — such as lawyers or auditors — where necessary and under confidentiality obligations
- Regulatory or legal authorities — where required by law or to protect the rights of Vance Medical or others
Any third-party processors we engage are contractually required to implement appropriate technical and organisational security measures and to process data only on our documented instructions.
6. Cookies & Tracking
We use cookies and similar tracking technologies to operate and improve the Platform. Cookies are small text files stored on your device when you visit our site.
| Type | Purpose |
|---|---|
| Essential | Required for the Platform to function — e.g. login sessions, security tokens |
| Functional | Remember your preferences and settings between visits |
| Analytics | Understand how visitors use the Platform (e.g. page views, popular content) |
You can control cookies through your browser settings. Disabling non-essential cookies will not affect your ability to use the core Platform, but some features may be limited.
7. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law.
- Account data is retained for the duration of your account and for up to 2 years after deletion, for legal and audit purposes
- Contact form data is retained for up to 12 months
- Analytics data is retained in aggregated, anonymised form indefinitely
8. Your Rights
Under UK GDPR, you have the following rights regarding your personal data:
To exercise any of these rights, please contact us using the details in Section 13. We will respond within one calendar month. We may need to verify your identity before processing your request.
9. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or alteration. These include encrypted storage, access controls, and regular security assessments.
While we take every reasonable precaution, no method of transmission over the internet is completely secure. If you become aware of any security vulnerability relating to our Platform, please contact us promptly at info@gastrohealthhub.com.
10. International Transfers
Some of our third-party service providers may process data outside the United Kingdom. Where this occurs, we ensure appropriate safeguards are in place — such as the International Data Transfer Agreement (IDTA) or adequacy decisions — to ensure your data receives equivalent protection.
11. Children's Privacy
The Platform is not intended for use by children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.
12. Changes to This Policy
We may update this Privacy Policy periodically. The "Last updated" date at the top of this page will reflect when changes were made. Where changes are material, we will notify registered users by email or via a prominent notice on the Platform.
We encourage you to review this Policy periodically to stay informed about how we are protecting your information.
13. Contact & Complaints
If you have any questions, concerns, or requests relating to this Privacy Policy or our data practices, please contact us:
Vance Medical Foods Ltd
Email: info@gastrohealthhub.com
Phone: +44 (0)1628 526 005
Website: gastrohealthhub.com
Supervisory Authority: If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):
ico.org.uk | Helpline: 0303 123 1113