Privacy Policy

Privacy Policy – Last Updated 27.05.26

Introduction

Welcome to NUTRI-LINK LTD’s Privacy Notice.

NUTRI-LINK LTD is committed to protecting your personal data and ensuring transparency in how we process it.  Our practices are designed to uphold your rights, maintain lawful processing, and safeguard your information through appropriate technical and organisational measures.

1.Important information and who we are

Purpose of this Privacy Notice

This Privacy Notice aims to give you information on how NUTRI-LINK LTD collects and processes your personal data through your use of this website & telephone, including any data you may provide through this website & telephone  when you sign up to our newsletter, purchase a product or service or take part in a competition.

This website is not intended for children, and we do not knowingly collect data relating to children.

It is important that you read this Privacy Notice together with any other Privacy Notice or fair Processing Notice we may provide on specific occasions when we are collecting or processing personal data about you, so that you are fully aware of how and why we are using your data.

Controller

NUTRI-LINK LTD is the controller and is responsible for your personal data (collectively referred to as “NUTRI-LINK LTD”, “we”, “us” or “our” in this Privacy Notice). Nutri-Link Ltd is the data controller responsible for your personal data. Contact: [email protected]

If you have any questions about this Privacy Notice, including any requests to exercise your legal rights, please contact the Nutri-Link Data Protection Team using the details set out below.

Data Protection Complaints

Under applicable data protection law, including the Data (Use and Access) Act 2025, you have the right to raise a complaint with us regarding how we have handled your personal data. You have the right to make a complaint at any time to the management of Nutri-Link Ltd using our complaints procedure, which can be found here: nutrilink.co.uk/complaints 

We are committed to handling data protection complaints transparently, fairly, and without undue delay.

How to make a complaint

You can submit a data protection complaint to us using any of the following methods:

• Email: [email protected]
• Telephone: 0333 577 0404
• Post: 24 Milber Trading Estate, Newton Abbot, Devon, TQ12 4SG, United Kingdom

Complaints can be raised in any format. You are not required to use a specific form.

What happens next

When we receive a data protection complaint, we will:

• Acknowledge receipt of your complaint within 30 days
• Investigate the matter without undue delay
• Keep you informed of progress where appropriate
• Provide our outcome and any actions taken

We aim to resolve complaints as quickly and fairly as possible.

Escalation

Alternatively, if you are not happy with the outcome, you can make a complaint to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We’re registered with the ICO under number Z8107322. We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

Changes to the Privacy Notice and your duty to inform us of changes

This version was last updated on 20.05.26. This supersedes any previous privacy policy that was already in place with Nutri-Link or any of its group of companies.

Contact Details

Our full details are:

• NUTRI-LINK LTD
• Email Address: [email protected]
• Postal Address: 24 Milber Trading Estate, Newton Abbot, Devon, TQ12 4SG. United Kingdom.
• Telephone number: 0333 577 0404

The personal data we hold about you must be accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Third-party links

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the Privacy Notice of every website you visit.

2. The data we collect about you

We use cookies and similar technologies for analytics, personalisation, and advertising purposes.

Where these technologies are not strictly necessary for the operation of our website, we rely on your consent as the legal basis for processing your personal data, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Privacy and Electronic Communications Regulations (PECR).

Analytics cookies help us understand how users interact with our website and improve our services. Advertising and tracking technologies help us deliver relevant content and measure the effectiveness of our marketing. These cookies are only set after you provide your consent through our cookie banner.

You can manage or withdraw your consent at any time via the “Cookie settings” link on our website. For more detailed information about the cookies we use and how to manage your preferences, please see our Cookie Policy.

Where data is processed for analytics purposes without the use of cookies or similar technologies, and only in an aggregated or anonymised form, we may rely on our legitimate interests to improve our website and services, ensuring that your rights and freedoms are not overridden.

We rely on different legal bases depending on the purpose of processing your personal data. These include performance of a contract, compliance with legal obligations, legitimate interests, and, where required by law, your consent.

In particular, we rely on your consent for the use of non-essential cookies and similar technologies, including those used for analytics and advertising.

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and process of personal data about you, which we have grouped as follows:

• Identity Data such as [first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender & preferences or interests.
• Contact Data such as [billing address, delivery address, email address and telephone numbers].
• Financial Data such as [bank account and payment card details].
• Transaction Data such as [details about payments to and from you and other details of products and services you have purchased from us].
• Technical Data such as [internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website].
• Profile Data such as [your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses].
• Account Registration and Linked Services when you register to join The Nutri-Link Clinical Education Forum, you also create a Nutri‑Link account. The personal information you provide during registration (such as your name, contact details & credentials) is used to establish both accounts.
• Purpose and Legal Basis for Processing: We process your registration information to create and administer The Nutri-Link Clinical Education Forum membership, create and administer your Nutri‑Link account, authenticate your identity and manage login access, and provide essential service communications for both services.
• Usage Data, such as [information about how you use our website, products and services].
• Marketing and Communications Data, such as [your preferences in receiving marketing from us and our third parties and your communication preferences].
• Third Party Data refers to information collected from external websites and applications that use services such as Google or Bing. This may include details about ad interactions, referral sources, and user engagement. Such data is processed for purposes including analytics, targeted advertising, and service optimisation.
• Special Category Data - Health Information processing in accordance with Article 9(2)(a)

In the course of providing our products and services, we may collect and process information relating to your health. Under data protection law, this is known as “special category data” and includes any information about your physical or mental health. We only collect the necessary data and are not more intrusive than necessary. Personal data is used for specific purposes for which it was collected. 

What health data we may collect

Depending on how you interact with us, this may include:

• Information about your health conditions, symptoms, or medical history 
• Lifestyle and wellness information (e.g. diet, sleep, exercise, stress levels) 
• Answers to questionnaires or assessments designed to personalise recommendations 
• Information provided by or shared with qualified practitioners (where applicable) 
• Details of supplements recommended based on your health profile 

How we use your health data

We process this information to:

• Provide personalised supplement recommendations 
• Enable practitioners to support and advise you 
• Improve the effectiveness of our products and services 
• Ensure products are suitable for your needs 

Our lawful basis

We process your health data only where we have a valid legal basis. In most cases, this will be:

• Your explicit consent, which you provide when submitting your information or working with a practitioner through our platform 

You have the right to withdraw your consent at any time (see “Your Rights” below).

Sharing of health data

Where you engage with a practitioner through our platform, your health information may be shared with that practitioner to enable them to provide advice and recommendations.

We do not sell your health data to third parties.

Data protection and retention

We apply enhanced security measures to protect your health data. We only retain this information for as long as necessary to fulfil the purposes outlined above or to comply with legal obligations. 

Where analytics uses cookies or similar technologies, we rely on your consent. Where analytics is conducted using anonymised, cookieless or aggregated data, we rely on legitimate interests

We collect, use, and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law, as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Notice.

Explicit consent - We apply strict access controls, confidentiality obligations, and data minimisation measures to protect this information.

If you fail to provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.

3. How is your personal data collected?

We use different methods to collect data from and about you, including:

• Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
  • apply for our products or services;
  • create an account over the phone or on our website;
  • subscribe to our service or publications;
  • Request marketing to be sent to you.
  • Enter a competition, promotion or survey; or
  • Give us some feedback or share product/company reviews
• Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. Please see our Cookies Policy for further details.
• Third parties or publicly available sources. We may receive personal data about you from various third parties as set out below:
• Technical Data from the following parties:
  • analytics providers such as Google & Bing, based inside and outside the EEA;
  • complete forms via Microsoft Forms & Wufoo
  • advertising networks such as Google, X, LinkedIn, Meta (Facebook & Instagram), Reviews.io, and Reddit based inside and outside the EEA; and
  • search information providers such as Google & Bing based [inside and outside] the EEA.
• Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as Royal Mail & DPD. Payment providers such as SagePay (Opayo), Elavon, Stripe, PayPal, Apple Pay & Google Pay based inside and outside the EEA. Payments are processed by third-party PCI compliant providers.
• Identity and Contact Data from data brokers or aggregators such as Campaign Monitor, Klaviyo, and PCA Predict, based inside and outside the EEA.
• Identity and Contact Data from publicly available sources such as Companies House and the Electoral Register, based inside the EEA.

4. How we use your personal data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• Where we need to perform the contract, we are about to enter into or have entered into with you.
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
• Where we need to comply with a legal or regulatory obligation.

You may visit the ICO (www.ico.org.uk) website to find out more about the types of lawful basis that we will rely on to process your personal data.

We rely on different legal bases depending on the purpose of processing.

In particular:

• We rely on consent where required by law (including for analytics and advertising cookies and similar technologies).
• We rely on legitimate interests for certain business and operational activities where these do not override your rights.

You have the right to withdraw consent to marketing at any time by contacting us using the details set out in the ‘Contact Details’ section above or by using the unsubscribe links included in our marketing emails or texts.

Purposes for which we will use your personal data:

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are, where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please, if you need details about the specific legal ground we are relying on to process your personal data, where more than one ground has been set out in the table below.

To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).

Marketing

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We have established the following personal data control mechanisms:

Promotional offers from us:

We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

You will receive marketing communications from us if you have requested information from us or purchased goods or services from us or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have not opted out of receiving that marketing.

Third Parties and How They Process Your Data

We work with a range of trusted third parties to deliver our services, operate our business, and support analytics, marketing, and payment processing. Depending on the relationship, these third parties act as data processors, independent controllers, or, in limited cases, joint controllers.

We only share personal data with third parties where it is lawful to do so and where appropriate safeguards are in place.

We will get your express opt-in consent before we share your personal data with any company outside of NUTRI-LINK LTD for marketing purposes.

Where we use cookies or similar technologies for analytics, personalisation, or advertising, we rely on your consent in accordance with the UK Privacy and Electronic Communications Regulations (PECR). These technologies are only activated after you provide consent via our cookie banner, as described in our Cookie Policy.

1. Data processors process personal data on our behalf and only in accordance with our instructions. They are contractually required to protect your data and cannot use it for their own purposes.

These include:

• IT, hosting, and system providers (e.g. website infrastructure and support services)
• Ecommerce platform providers
• Payment processors (e.g. Stripe, PayPal, Opayo/Elavon)
• Delivery and logistics providers (e.g. DPD, Royal Mail)
• CRM and email service providers (e.g. Klaviyo, Campaign Monitor)
• Form and data capture providers (e.g. Microsoft Forms, Wufoo)
• Fraud prevention and security providers

2. Some third parties act as independent data controllers. This means they determine how and why your personal data is processed and are responsible for their own compliance obligations.

These include:

• Analytics providers (e.g. Google Analytics, Microsoft Clarity)
• Advertising and social media platforms (e.g. Google, Meta, LinkedIn, Reddit, X)
• Embedded content providers (e.g. YouTube)
• Review platforms (e.g. Reviews.io)

These providers may collect and process personal data via cookies and similar technologies when you interact with our website. This processing is subject to your consent via our cookie banner.

• We encourage you to review the privacy policies of these third parties, as they may use your data for their own purposes, including profiling, measurement, and cross-platform advertising. Where profiling involves the use of cookies or tracking technologies, we rely on your consent.

3. In limited cases, we and certain third parties (such as advertising platforms like Meta or Google) may act as joint controllers where we jointly determine the purposes and means of processing, for example when using advertising pixels or similar tracking technologies. Where required, summaries of joint controller arrangements are available on request or via the relevant platform (e.g. Meta Controller Addendum)

In these cases:

• both parties share responsibility for compliance with data protection law; and
• arrangements are in place to define respective responsibilities.

You can exercise your rights with either party, although we recommend contacting us in the first instance.

Where you have been referred to us by a healthcare practitioner, that practitioner acts as an independent data controller in relation to any personal data they hold about you.

Where we share limited purchase information with your referring practitioner, they will process that information for their own professional purposes, including patient care and relationship management.

We are not responsible for how your practitioner processes your personal data once it has been shared with them. You should refer to your practitioner’s privacy notice for further information.

Where referral or commission arrangements exist, practitioners may use this information to administer those arrangements in accordance with their own legal obligations.

We may also share your personal data with regulators, authorities, or professional advisers where required by law or to establish, exercise, or defend legal claims. These parties typically act as independent controllers.

We require all processors to implement appropriate technical and organisational measures to protect your personal data.

We carefully assess all third-party relationships to determine their role under data protection law and ensure appropriate contractual and technical safeguards are in place.

Where personal data is shared with third parties for analytics or advertising purposes using cookies or similar technologies, this processing is based on your consent, which you can manage at any time via our Cookie Policy.

A list of key third-party providers and links to their privacy information is available on request.

Opting out

You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by at any time.

Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions, where this information is required to be retained by relevant laws.

Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see our Cookie Policy.

Our website runs on Magento Open Source and uses the Plumrocket Cookie Consent module, with integration to Google Tag Manager (GTM) for consent‑aware tag management.

User consent is collected via a cookie banner, allowing acceptance, rejection, or granular control of cookie categories. Consent decisions are stored in browser cookies and logged server‑side within Magento by the Plumrocket module. Plumrocket documentation confirms that the extension provides configurable consent categories and consent logging to support GDPR compliance and auditing.

Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us using the details provided in the ‘Contact Details’ section above.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

5. Disclosures of your personal data

We may have to share your personal data with the parties set out below for the purposes set out in the table in paragraph 4 above.

• Registration information is shared internally within Nutri‑Link & The Nutri-Link Clinical Education Forum for the purpose of managing access of account.
• Internal Third Parties as set out in the
• External Third Parties as set out in the Glossary.
• Specific third parties listed in the table in paragraph 4 above

Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Notice.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. Some providers (such as Google, Meta, and Klaviyo) are based in the United States. Where we transfer personal data internationally, we rely on Standard Contractual Clauses and the UK Addendum. This means your data is protected to UK standards even when processed outside the UK. We assess risks associated with international transfers and implement supplementary measures such as encryption, access controls, and contractual safeguards. You may request further information about these safeguards by contacting us.

6. International transfers

We may share your personal data with our parent company, Allergy Research Group. They are a long‑established provider of hypoallergenic supplements and nutrition products and were acquired by WM Partners in July 2023. This will involve transferring your data outside the European Economic Area (EEA).

Some of our external third parties are based outside the European Economic Area (EEA), so their processing of your personal data will involve a transfer of data outside the EEA.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
• Where we use certain service providers, we may use specific contracts approved by the European Commission, which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.
• Where we use service providers based outside the UK and EEA, including in the United States, we may transfer your personal data to them. These transfers are made under the UK Addendum to the EU Standard Contractual Clauses (SCCs), which ensures that equivalent safeguards are in place to protect your data.

Please, if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

7. Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8. Data retention

How long will you use my personal data for?

By law, we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes. In some circumstances, you can ask us to delete your data: see ‘Request erasure’ below for further information. We retain marketing preferences for 6 years after the last interaction.

In some circumstances, we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

9. Your legal rights

Under certain circumstances, you have rights under Data Protection laws in relation to your personal data.

Under UK GDPR, you have the following rights:

• Restrict Processing: You can request that we limit how we use your personal data in certain circumstances, such as when you contest its accuracy or object to its processing.
• Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller where technically feasible.
• Object to Profiling and Automated Decision-Making: You can object to any profiling or automated decisions that significantly affect you. We do not carry out automated decision-making without human involvement, but if this changes, we will inform you and explain your rights.
• Request correction of your personal data: https://ico.org.uk/for-the-public/personal-information/. If you wish to exercise any of the rights set out above.
• Right to Complaint: You have the right to make a complaint to us if you are concerned about how we handle your personal data. We will handle your complaint in accordance with our data protection complaints procedure described above. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you are not satisfied with our response.

No fee is usually required:

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

What we may need from you:

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond:

We try to respond to all legitimate requests within 21 working days. Occasionally, it may take us longer than this time if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

10. Glossary

LAWFUL BASIS

Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by

Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

Complying with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.

THIRD PARTIES

External Third Parties

• Service providers acting as processors based in Europe and the United States of America who provide IT and system administration services.
• Professional advisers acting as processors or joint controllers, including lawyers, bankers, auditors and insurers based within the United Kingdom who provide consultancy, banking, legal, insurance and accounting services.
• HM Revenue & Customs, regulators and other authorities [acting as processors or joint controllers based in the United Kingdom who require reporting of processing activities in certain circumstances.

YOUR LEGAL RIGHTS

You have the right to:

Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us to continue to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons, which will be notified to you, if applicable, at the time of your request.

Object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

PECR Compliance We comply with the UK GDPR and the Privacy and Electronic Communications Regulations (PECR), which require consent for non-essential cookies, including analytics and advertising technologies.

Updates - This policy is reviewed annually and updated as laws change. Last updated: May 2026