Privacy policy

Privacy Policy

This Privacy Policy explains how BODY BUD LTD, trading as bodybud, referred to in this policy as bodybud, we, us or our, collects, uses, stores and shares personal information when you visit our website, purchase from us, contact us, subscribe to our marketing, interact with our adverts, or otherwise use our services.

This policy applies to our website at www.bodybud.co.uk, our customer support channels, our email marketing activity, our order fulfilment processes, and any related systems we use to operate our business.

If you have any questions about this Privacy Policy, how we use your personal information, or if you would like to exercise your data protection rights, please contact us by email at chat@bodybud.co.uk.

Data controller: BODY BUD LTD

Trading name: bodybud

Company number: 14494016

Registered/business address: Office 326, 321-323 High Road, Chadwell Heath, Essex, RM6 6AX

1. Personal Information We Collect

Personal information means any information that can identify you directly or indirectly. The types of personal information we may collect depend on how you interact with us.

Information You Provide to Us

  • Name
  • Email address
  • Phone number
  • Billing address
  • Shipping address
  • Order details
  • Payment and transaction details
  • Customer support messages
  • Product preferences or enquiry details
  • Reviews, feedback, survey responses or form submissions
  • Marketing preferences and communication settings

Information Collected Automatically

  • IP address
  • Browser type and version
  • Device type
  • Time zone
  • Cookie identifiers
  • Pages viewed
  • Products viewed
  • Search terms
  • Referral source
  • How you interact with our website, adverts and emails

Information From Third Parties

We may receive information from third party service providers that help us operate our website, process orders, deliver products, run marketing campaigns, analyse performance, prevent fraud, or provide customer support.

2. How We Use Your Personal Information

We use personal information for the following purposes:

  • To operate our website and provide our services
  • To process and fulfil your orders
  • To take payment and issue invoices or order confirmations
  • To arrange shipping, delivery, returns and warranty support
  • To respond to customer service enquiries
  • To manage product questions, complaints, refunds and replacement requests
  • To send service messages relating to your order or account
  • To send marketing emails where permitted by law
  • To personalise marketing, product recommendations and website content
  • To manage abandoned checkout emails and customer journey automations
  • To improve our website, products, customer service and internal operations
  • To detect, prevent and investigate fraud, abuse, security incidents or unlawful activity
  • To comply with legal, tax, accounting and regulatory obligations
  • To protect our rights, property, customers and business

3. AI-Assisted Processing and Automation

We may use artificial intelligence tools, GPT-style tools, workflow automation tools and related software to help us operate our business more efficiently. This may include tools such as GPT-based systems, OpenAI services, n8n automations and similar services.

These tools may be used to assist with tasks such as:

  • Summarising customer support enquiries
  • Drafting or improving customer service responses
  • Organising customer enquiries and internal tasks
  • Processing order-related workflows
  • Creating internal notes or summaries
  • Supporting email marketing workflows
  • Helping analyse customer feedback or website enquiries
  • Improving operational efficiency and customer experience

Where customer data is processed using AI or automation tools, we aim to limit the personal information shared to what is reasonably necessary for the relevant task. This may include order details, customer messages, product enquiries, delivery information, support notes or other information needed to respond to a customer or manage an order.

We do not intentionally use AI tools to process sensitive personal information unless it is necessary for a specific customer support issue and lawful to do so.

We do not use AI systems to make solely automated decisions about you that have a legal effect or similarly significant effect. AI and automation may assist our team, but important customer service, refund, warranty, complaint and order decisions are reviewed or handled by a person where appropriate.

We may use third party AI and automation providers as service providers, processors or subprocessors. These providers may process personal information only for the purposes of providing services to us, subject to relevant contractual, security and data protection safeguards where required by law.

4. Email Marketing and Omnisend

We may use Omnisend or similar email marketing and automation software to manage our email campaigns, customer journeys, sign-up forms, abandoned checkout messages, product education emails, promotions, segmentation and unsubscribe preferences.

If you subscribe to our marketing, make a purchase, start checkout, or otherwise interact with our website, we may use your contact details, order history, website activity and marketing preferences to send relevant communications where permitted by law.

You can unsubscribe from marketing emails at any time by clicking the unsubscribe link in our emails or by contacting us at chat@bodybud.co.uk.

We may send marketing to existing customers about similar products or services where permitted under the soft opt-in rules. We will provide an opportunity to opt out when your details are collected and in every marketing message we send.

Service messages relating to your order, delivery, account, refund, warranty, safety notice or customer support request are not marketing messages and may still be sent where necessary.

5. Lawful Bases for Processing

Under UK GDPR and, where applicable, EU GDPR, we rely on one or more lawful bases when processing your personal information:

Purpose Lawful Basis
Processing and fulfilling orders Performance of a contract
Taking payment and preventing fraud Performance of a contract, legitimate interests, legal obligation
Shipping, delivery, returns and warranty handling Performance of a contract, legitimate interests, legal obligation
Customer support Performance of a contract, legitimate interests
AI-assisted support and internal automation Legitimate interests, performance of a contract where relevant
Email marketing to subscribers Consent
Marketing to existing customers about similar products Legitimate interests, where permitted by PECR soft opt-in rules
Analytics, website improvement and business reporting Consent where required for cookies, otherwise legitimate interests
Legal, tax and accounting records Legal obligation

6. Sharing Personal Information

We share personal information with trusted service providers where necessary to operate our business, provide our services, comply with the law, or protect our rights.

These service providers may include:

  • Shopify, for ecommerce website hosting, checkout, order management and related store services
  • Payment processors, for secure payment handling
  • Delivery, courier and fulfilment partners, for shipping your order
  • Omnisend or similar marketing platforms, for email marketing, automation and customer communication
  • n8n or similar automation tools, for internal workflow automation
  • OpenAI, GPT-based tools or similar AI providers, for AI-assisted processing and operational support
  • Analytics providers, such as Google Analytics, to understand website performance
  • Advertising platforms, such as Google, Meta, Shopify Audiences or similar partners, to measure and improve marketing
  • Customer support, review, survey, form or helpdesk providers
  • Professional advisers, including accountants, legal advisers and compliance consultants
  • Regulators, courts, law enforcement or public authorities where required by law

We do not sell your personal information in the ordinary sense of selling customer lists for money. However, some advertising, analytics and tracking activities may be considered sharing, targeted advertising or similar terms under certain privacy laws.

7. International Transfers

Some of our service providers may process or store personal information outside the United Kingdom, the European Economic Area or your country of residence. This may include countries such as the United States, Canada or other locations where our service providers or their subprocessors operate.

Where personal information is transferred internationally, we will rely on appropriate safeguards where required by law. These may include adequacy decisions, Standard Contractual Clauses, the UK International Data Transfer Addendum, the UK International Data Transfer Agreement, data processing agreements, or other lawful transfer mechanisms.

8. Data Retention

We keep personal information only for as long as reasonably necessary for the purposes described in this policy, unless a longer retention period is required or permitted by law.

Typical retention periods include:

  • Order and transaction records: retained for accounting, tax, legal and business record purposes
  • Customer support records: retained for as long as needed to manage enquiries, complaints, refunds, warranty claims and legal obligations
  • Marketing records: retained until you unsubscribe, withdraw consent, object to marketing, or your data is no longer required
  • Cookie and analytics data: retained according to the lifespan of the relevant cookie or analytics tool
  • Fraud, security and legal records: retained where necessary to protect our rights and comply with legal obligations

When personal information is no longer required, we will delete it, anonymise it, or securely retain it only where legally necessary.

9. Automated Decision-Making and Profiling

We may use limited profiling to understand customer preferences, improve marketing relevance, analyse website activity, segment email campaigns, or recommend products. This may include information such as products viewed, products purchased, email engagement, browsing behaviour or customer preferences.

We do not use your personal information for solely automated decision-making that produces legal effects or similarly significant effects concerning you.

Shopify and payment providers may use limited automated processing to help detect and prevent fraud, abuse or security risks. This may include temporary checks relating to IP addresses, payment details, checkout activity or transaction risk.

10. Behavioural Advertising and Analytics

We may use your personal information to provide targeted advertisements or marketing communications that we believe may be of interest to you.

We may use analytics and advertising tools such as Google Analytics, Google Ads, Meta advertising tools, Shopify Audiences or similar services to understand how customers use our website, measure marketing performance, improve our advertising and show relevant adverts.

These tools may use cookies, pixels, tags or similar technologies. Depending on your location, we will ask for consent where required before placing non-essential cookies or using similar technologies.

You can opt out of targeted advertising through the settings provided by the relevant advertising platform, your browser settings, or available industry opt-out tools. You can also manage cookies through your browser or cookie preferences where available on our website.

11. Cookies

Cookies are small files placed on your device when you visit our website. We use cookies and similar technologies to operate the website, remember preferences, process checkout, improve website performance, understand visitor behaviour, and support marketing.

Types of cookies we may use include:

  • Strictly necessary cookies: required for the website, basket, checkout, security and customer account features to work
  • Performance and analytics cookies: help us understand how visitors use our website and improve the experience
  • Functional cookies: remember preferences and improve usability
  • Advertising and targeting cookies: help us measure adverts and show relevant marketing
  • Social media or content cookies: support embedded content or social media features where used

You can control cookies through your browser settings. Blocking or deleting cookies may affect parts of the website, including checkout or account features.

Where required by law, we will request consent before placing non-essential cookies on your device.

12. Your Data Protection Rights

Depending on your location and applicable law, you may have rights in relation to your personal information. These may include the right to:

  • Access the personal information we hold about you
  • Ask us to correct inaccurate or incomplete information
  • Ask us to delete your personal information
  • Ask us to restrict how we process your personal information
  • Object to certain processing, including direct marketing
  • Withdraw consent where processing is based on consent
  • Request a copy of your personal information in a portable format
  • Object to solely automated decision-making where applicable
  • Complain to a data protection authority

To exercise your rights, please contact us at chat@bodybud.co.uk.

We may need to verify your identity before responding to a request. We will respond within the timeframe required by applicable law.

13. Marketing Preferences

You can unsubscribe from marketing emails at any time by clicking the unsubscribe link in any marketing email we send or by contacting us at chat@bodybud.co.uk.

If you unsubscribe from marketing, we may still send you service messages relating to your orders, deliveries, returns, refunds, warranty claims, account activity, legal notices or customer support enquiries.

14. Children

Our website and services are not intended for children. We do not intentionally collect personal information from children. If you are a parent or guardian and believe that a child has provided us with personal information, please contact us so we can take appropriate steps to delete it.

15. Security

We use reasonable technical and organisational measures to protect personal information against unauthorised access, loss, misuse, alteration or disclosure.

No website, platform, email system, AI tool, automation system or method of electronic storage is completely secure. We therefore cannot guarantee absolute security, but we work with service providers that offer appropriate safeguards and we take steps to limit access to personal information where possible.

16. Third Party Links

Our website may contain links to third party websites, platforms, apps or services. We are not responsible for the privacy practices, content or security of those third parties. You should read their privacy policies before providing them with personal information.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our business, website, technology, service providers, AI and automation tools, legal obligations or regulatory requirements.

When we make changes, we will update the date at the bottom of this policy. The latest version will apply from the date it is published on our website.

18. Complaints

If you have a complaint about how we handle your personal information, please contact us first at chat@bodybud.co.uk so we can try to resolve the issue.

If you are not satisfied with our response, you have the right to complain to the UK Information Commissioner's Office or your local data protection authority.

UK Information Commissioner's Office: https://ico.org.uk/make-a-complaint/

19. Contact Us

For questions, requests or complaints relating to this Privacy Policy or your personal information, please contact:

Email: chat@bodybud.co.uk

Website: www.bodybud.co.uk

Business/legal entity: BODY BUD LTD

Company number: 14494016

Address: Office 326, 321-323 High Road, Chadwell Heath, Essex, RM6 6AX