Privacy Policy
Last updated: March 2, 2026
DATONLY LTD is committed to protecting your privacy and processing personal information responsibly and in compliance with applicable law (including UK GDPR). This policy explains what data we collect, why we process it, how we protect it, how long we keep it, and your rights regarding your data.
1. Personal Data We Collect
- Name or preferred name — optional — used only to personalise communication during order processing and support
- Telephone number — required — our primary contact method for order confirmation, payment guidance, delivery and support
- Selected program / bundle — required — to prepare and deliver the correct digital materials
- Anonymous technical data — approximate location, device type, browser, visit timestamps — collected in aggregated, non-identifiable form for site performance, basic analytics and abuse prevention
We do not collect or require: email addresses (unless voluntarily provided), postal addresses, payment card details, ID numbers, date of birth, health information or any special category data.
2. Purposes and Lawful Basis for Processing
- Performance of a contract — to fulfil your order, deliver digital products and provide related support (UK GDPR Art. 6(1)(b))
- Legitimate interests — to maintain website functionality, security, perform anonymised analytics and prevent fraud (Art. 6(1)(f))
We do not use your data for marketing, newsletters, advertising, profiling or any purposes unrelated to fulfilling your order and providing support. We do not sell or share personal data with third parties (except minimal pseudonymised transaction data required by payment processors as legally necessary).
We will never request card numbers, CVV, expiry dates, passwords, banking details or similar sensitive information over phone, email, text or any channel. Any such request is fraudulent — terminate contact immediately and notify us at hello@healthflow.uk.
3. How We Protect Your Data
- Data stored on secure servers in the UK/EEA with strict access controls
- All traffic and communications encrypted (HTTPS / TLS 1.3+)
- Access restricted to minimal authorised personnel necessary for order fulfilment and support
- Retention limited to 12 months from last interaction (or earlier upon request)
- In the unlikely event of a data breach, affected individuals would be notified without undue delay
4. Your Rights Under UK GDPR
- Right to be informed — you are reading this policy
- Right of access — request what data we hold
- Right to rectification — correct inaccurate data
- Right to erasure (“right to be forgotten”) — request deletion (processed within 48 hours)
- Right to restriction, portability and objection in certain cases
To exercise these rights, simply contact us by phone or message. We respond promptly and free of charge (unless requests are manifestly unfounded or excessive). If unsatisfied, you may complain to the Information Commissioner’s Office (ICO): https://ico.org.uk
5. Changes to This Privacy Policy
We may update this policy occasionally to reflect legal, technical or operational changes. The current version is always published here. Significant updates will be communicated to recent customers where appropriate. Continued use of the site constitutes acceptance of the updated policy.
+44 20 8123 4567
hello@healthflow.uk
DATONLY LTD
86-90 Paul Street, London, England, United Kingdom EC2A 4NE