Privacy Policy

Who we are

This policy is issued by MTHD Project Limited (“we”, “us”, “our”). We are a controller of your personal data and responsible for ensuring that it is properly collected, used and protected. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR).

If you are located in the European Economic Area (EEA), we are also subject to the EU General Data Protection Regulation (EU GDPR) and other local laws in relation to products and/or services we offer to individuals in the EEA, and/or where we monitor the behaviour of individuals in the EEA.

Please see the 'How to contact us' section at the end of this privacy policy if you have any questions about it or the data we hold about you.

This Privacy Policy

We take your privacy very seriously. Please read this privacy policy carefully as it contains important information about who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint.

This privacy policy is divided into the following sections:

Who we are
This privacy policy
Our collection and use of your personal data
Who we share your personal data with
Transfer of your data out of the UK and EEA
Cookies and similar technologies
Marketing
Your rights
How long your personal data will be kept
Keeping your personal data secure
How to complain
How to contact us
Changes to this privacy policy

Our collection and use of your personal data

How your personal data is collected

We collect personal data about you in different ways, including:

Direct interactions: when you use our website, register with us, sign up to one of our mailing lists, contact us, send us feedback or purchase products and/or services from us.
Automated technologies or interactions: as you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies.

Personal data we collect about you

The personal data we collect about you depends on the purpose for which you engage with us. We may collect and use the following data about you:

Identity Data - full name, marital status, title, date of birth and gender.
Contact Data - address, email address and telephone number(s).
Financial Data - bank account and payment card details.
Transaction Data - details about payments to and from you and other details of products and/or services you have purchased from us.
Technical Data - internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Profile Data - your username and password, orders made by you, your interests and preferences.
Usage Data - data about how you use our website and products, including survey responses.
Marketing and Communications Data - your preferences in receiving marketing from us and your communication preferences.

This personal data is required to provide you with access to our website and to provide any products and/or services to you that you may choose to purchase. If you do not provide personal data we ask for, it may delay or prevent us from providing the website or products to you.

Our website is not intended for use by children and we do not knowingly collect or use personal data relating to individuals under the age of 18.

We also collect and use Aggregated Data such as statistical data. This is to allow us to evaluate the popularity of certain offerings. Aggregated Data may be derived from your personal data but is not considered personal data in law as it does not include information that can directly or indirectly identify you. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature, or attending certain courses. This is to allow us to evaluate the popularity of different parts of our offering.

How and why we use your personal data

Under data protection law, we can only use your personal data if we have a lawful basis for doing so, which includes:

Consent: where you have given us clear consent for us to process your personal data for a specific purpose.
Contract: where our use of your personal data is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
Legal obligation: where our use of your personal data is necessary for us to comply with the law (not including contractual obligations).
Legitimate interests: where our use of your personal data is necessary for our legitimate interests or the legitimate interests of a third party (unless there is a good reason to protect your personal data which overrides our legitimate interests).

We will not routinely collect Special Category Data about you. However, where we do process your special category data for example information about your health and fitness, we are also required to make sure that a special category processing condition applies. In the majority of cases this means that we will collect your explicit consent to process special category data about you. Any health or fitness information that you choose to share will always be on a voluntary basis.

The table below explains what we use your personal data for and why:

Purpose/Activity

Type of data

Lawful basis for processing including basis of legitimate interest

To register you as a new user for our website

(a) Identity

(b) Contact

Performance of a contract with you

To provide products and/or services to you, including:

(a) to manage payments, fees and charges

(b) to collect and recover money owed to us

(a) Identity

(b) Contact

(c) Financial

(d) Transaction

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to recover debts due to us)

To manage our relationship with you which will include:

(a) Notifying you about changes to our website, content, products, services, terms or privacy policy

(b) Asking you to leave a review or take a survey

(a) Identity

(b) Contact

(c) Profile

(a) Performance of a contract with you

(b) Necessary to comply with a legal obligation

(c) Necessary for our legitimate interests (to keep our records updated, to study how customers use our website and products and grow or business)

To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

(a) Identity

(b) Contact

(c) Technical

(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security and to prevent fraud)

(b) Necessary to comply with a legal obligation

To deliver relevant website content and marketing materials to you and measure or understand the effectiveness of the marketing we send to you

(a) Identity

(b) Contact

(c) Profile

(d) Usage

(e) Marketing and Communications

(f) Technical

(a) Consent

OR

(b) Necessary for our legitimate interests (to study how customers use our website, to develop them, to grow our business and to inform our marketing strategy)

To use data analytics to improve our website, marketing, customer relationships and experiences

(a) Technical

(b) Usage

Necessary for our legitimate interests (to define types of customers for our website and products, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

To make suggestions and recommendations to you about our website and products that may be of interest to you

(a) Identity

(b) Contact

(c) Technical

(d) Usage

(e) Profile

(e) Marketing and Communications

(a) Consent

OR

(b) Necessary for our legitimate interests (to develop our website and products and grow our business)

To help track your fitness and development

(a) Profile

(b) Usage

(c) Health and fitness information – where you choose to provide this information to us

(a) Performance of a contract with you – to provide the website you are subscribing for

AND

(b) Consent, to the extent that this purpose/activity involves us processing special category data about you

Who we share your personal data with

We routinely share personal data with:

Third parties we use to help provide our website, products, and services to you, e.g. payment service providers, delivery service providers, fitness coaches and retail and merchandise partners.
Other third parties we use to help us run our business, e.g. website hosting providers.

We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We also impose contractual obligations on service providers to ensure they can only use your personal data to provide services to us and to you.

We may disclose your personal data to law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.

We may also need to share some personal data with other parties, such as legal advisors or potential buyers of some or all of our business or during a re-structuring. Usually, in a business sale scenario data will be anonymised but this may not always be possible. The recipient of the data will be bound by confidentiality obligations.

Transferring your personal data out of the UK and EEA

To provide the website to you, it is sometimes necessary for us to share your personal data outside the UK or EEA for example, with our service providers that are either located outside the UK or EEA or transfer personal data outside of the UK.

Transfers of personal data outside of the UK are subject to special rules under UK data protection law. This is because non-UK countries do not have the same data protection laws as the United Kingdom.

Transfers of EU personal data outside of the EEA are subject to special rules under EU data protection law. This is because non-EEA countries do not have the same data protection laws as the EU. We will ensure the transfer complies with data protection law and all personal data will be secure

As a result, when we transfer personal data outside of the UK or EEA we will ensure that the transfer complies with data protection law by following one of the below steps:

Confirming that the recipient is located in a country which has been deemed to provide personal data with an adequate level of protection, for example countries located within the EEA.
Putting in place safeguards such as approved standard contractual clauses so that you have enforceable rights and effective legal remedies.
Confirming that a specific exception applies under data protection law.

Cookies and other tracking technologies

A cookie is a small text file which is placed onto your device (e.g. computer, smartphone or other electronic device) when you use our website. We use cookies on our website and comparable tracking technology in our app. This help us recognise you and your device and store some information about your preferences or past actions.

For further information about cookies and other tracking technologies, how we use them, when we will request your consent before placing them and how to disable them, please see our Cookie Policy here http://themethod.com/cookie-policy.

Marketing

We may use your personal data to send you updates (for example by email, text message, telephone or post) about our website, as well as any products and services available for purchase, including exclusive offers, promotions or new products and services.

We will always treat your personal data with the utmost respect and never sell or share it with other organisations for marketing purposes.

We will only send you marketing content if you have given your consent to receive marketing communications, or it is in our legitimate interests to send them because you have previously purchased similar products and/or services from us. In both cases you always have the right to opt out of receiving further promotional communications by:

Contacting us at hello@themethod.com.
Clicking the unsubscribe link in relevant emails.

We may ask you to confirm or update your marketing preferences if there are changes in the law, regulation, or the structure of our business.

Please note that we may also send you other communications in relation to your access to the website or purchase of products or in order to respond to queries you have raised, such communications are service communications and are not considered a form of marketing communications.

Your rights

You have the following rights, which you can exercise free of charge:

Access	The right to be provided with a copy of your personal data (the right of access)
Rectification	The right to require us to correct any mistakes in your personal data
To be forgotten	The right to require us to delete your personal data—in certain situations
Restriction of processing	The right to require us to restrict processing of your personal data—in certain circumstances, e.g. if you contest the accuracy of the data
Data portability	The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations
To object	The right to object: —at any time to your personal data being processed for direct marketing (including profiling); —in certain other situations to our continued processing of your personal data, e.g. processing carried out for the purpose of our legitimate interests.
Not to be subject to automated individual decision making	The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

For further information about your rights please contact us or see the guidance provided by the UK Information Commissioner’s Office (ICO) on individuals’ rights or if you are located in the EEA, the guidance provided by your local supervisory authority.

If you would like to exercise any of your rights, please:

Email or write to us — see the 'How to contact us' section at the end of this policy.
Let us have enough information to identify you e.g. your full name, address and customer or matter reference number).
Let us have proof of your identity if requested.
Let us know which right you want to exercise and the data to which your request relates.

How long your personal data will be kept

We will not retain your personal data for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal data.

When it is no longer necessary to retain your personal data, we will delete or anonymise it.

As an indication, if you sign up for our website or purchase products or services from us, we will keep your personal data while we are making the website available to you or providing such products. Thereafter, we will keep your personal data for as long as is necessary:

To respond to any questions, complaints or claims made by you or on your behalf.
To show that we treated you fairly.
To keep records required by law.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

You can request further details of retention periods for different aspects of your personal data by contacting us.

Keeping your personal data secure

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your data will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Links to third party sites

Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

How to complain

Please contact us if you have any query or concern about our use of your data (see below ‘How to contact us’). We hope we will be able to resolve any issues you may have.

You also have the right to lodge a complaint with the Information Commissioner (or any relevant data protection supervisory authority). The Information Commissioner may be contacted at https://ico.org.uk/make-a-complaint or telephone: 0303 123 1113

Your duty to inform us of changes

It is important that the personal data we hold about you in accurate and current. Please keep us informed if your personal data changes during your relationship with us.

How to contact us

Individuals in the UK

You can contact us by post or email if you have any questions about this privacy policy or the data we hold about you, to exercise a right under data protection law or to make a complaint.

Our contact details are shown below:

Our contact details

The Method, 26 St James's Square, London, SW1Y 4JH

hello@themethod.com

Changes to this privacy policy

This privacy policy was last updated on 11/09/2024. We keep our privacy policy under regular review to make sure it is up to date and accurate. If we change our privacy policy from time to time, we will post the details of any changes here. We may also take reasonable steps to notify you if such changes affect how your personal data is processed.