Cart
0
You may also like
This Privacy Policy explains how
, trading as Great Britain Nutrition ("we", "us", or "our"), collects, uses, discloses, and protects your personal data when you visit our websites, make a purchase, contact us, or otherwise interact with us. We act as the data controller for the processing described here.
We are committed to the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).
Quick summary:
- We collect the data needed to run our store, deliver your orders, support you, and (with your consent) send marketing.
- We never sell your personal data.
- You have rights over your data, including access, correction, deletion, and opting out of marketing at any time.
---
Who we are and how to contact us
- Controller: Wawan Protein Limited, trading as Great Britain Nutrition
- Registered address: 30-32 knowsley street, M8 8HQ, United Kingdom
- Email: info@greatbritainnutrition
- ICO registration number 15374173
If you have questions about this policy or how we use your data, please contact us using the details above. You can also complain to the UK Information Commissioner’s Office (ICO) – see Your rights below.
The personal data we collect
We collect and process the following categories of personal data about you:
- Identity and contact data – name, email address, phone number, billing and delivery addresses.
- Order and payment data – order history, basket contents, invoices, last four digits of your card, payment status. Card details are processed securely by our payment providers; we do not store full card numbers.
- Account data – login details, profile information, saved addresses, preferences.
- Marketing preferences – your choices about receiving emails/SMS and your interactions with our messages.
- Device and usage data – IP address, device type, browser information, pages viewed, links clicked, and similar diagnostic data.
- Support communications – messages you send to us (e.g., chat, email, social media) and associated metadata.
- Health/allergy info (only if you choose to tell us) – for example if you ask customer support product suitability questions. We will only process this with your explicit consent and will not require it to complete a purchase.
We obtain data:
- directly from you (when you browse, create an account, place an order, contact us, or opt in to marketing);
- automatically via cookies and similar technologies (see Cookies);
- from third parties such as payment providers, delivery partners, fraud‑prevention services, and social/media platforms (when you interact with our pages or ads).
How we use your data and our lawful bases
We only use your personal data when the law allows us to. The table below shows the purpose, the data we use, and the lawful basis under the UK GDPR.
| Purpose | Data used | Lawful basis |
| Operate our website and online store | Identity/contact, account, device/usage, cookies | Legitimate interests (running our business, providing our services) and consent for non‑essential cookies |
| Take and fulfill your orders; deliver products; handle returns | Identity/contact, order/payment, account | Contract (to provide the products/services you request) and legal obligation (tax, consumer law) |
| Payment processing and fraud prevention | Identity/contact, order/payment, device/usage | Contract and legitimate interests (preventing fraud) |
| Customer support and service communications | Identity/contact, order history, support communications | Legitimate interests (responding to queries, improving service) and contract where relevant |
| Marketing emails/SMS and personalized ads (where allowed) | Identity/contact, marketing preferences, device/usage, order history | Consent (for emails/SMS and cookies) and legitimate interests (where permitted, for similar products to existing customers) |
| Analytics and performance | Device/usage, cookies | Consent (for analytics cookies) and legitimate interests (basic site metrics) |
| Record keeping, accounting, legal compliance | Identity/contact, order/payment | Legal obligation |
Where we rely on consent, you can withdraw it at any time (for example by using the unsubscribe link in our emails or changing your cookie settings). Where we rely on legitimate interests, we balance our interests against your rights and expectations.
Sharing your data
We share personal data with trusted service providers who help us run our business, for example:
- E‑commerce platform: [e.g., Shopify/WooCommerce/Custom]
- Payment providers: [e.g., Stripe, PayPal, Klarna]
- Fulfilment & delivery: [e.g., Royal Mail, DPD]
- Email/SMS platforms: [e.g., Klaviyo, Mailchimp, Twilio]
- Analytics & advertising: [e.g., Google Analytics, Meta/Facebook, TikTok]
- Fraud prevention & security: [e.g., Signifyd, Cloudflare]
These companies act as processors under our instructions and are bound by contracts requiring them to protect your data. We also share data where necessary with professional advisers (legal, accounting), law enforcement or regulators where required by law, or as part of a business transaction (e.g., restructuring or sale), subject to appropriate safeguards.
We do not sell your personal data.
International transfers
Some providers may process data outside the UK (and EEA). Where this happens, we ensure appropriate safeguards are in place, such as the UK International Data Transfer Agreement (IDTA) or the UK Addendum to EU Standard Contractual Clauses, plus technical and organisational measures.
Data retention
We keep personal data only for as long as necessary for the purposes set out in this policy:
- Orders and invoices: generally 6–7 years to meet tax/audit requirements.
- Customer accounts: until you close your account, plus a short period to administer the closure.
- Marketing consents and preferences: until you unsubscribe/withdraw consent, plus a short period to record your opt‑out.
- Support communications: typically 24–36 months, unless needed longer for disputes or legal issues.
- Analytics data: in accordance with our cookies and analytics settings/policies.
We may retain limited data to comply with legal obligations, resolve disputes, and enforce our agreements.
Cookies and similar technologies
We use cookies, pixels and similar technologies to run our site, remember your preferences, measure performance, and (with your consent) show relevant ads. For full details, including the types of cookies and how to manage your choices, please see our Cookie Policy and our cookie banner controls. You can change your settings at any time.
Marketing
- Email/SMS: We send marketing only with your consent (or to existing customers about similar products, where permitted). You can opt out at any time via the unsubscribe link or by contacting us.
- Online advertising: We may use advertising platforms to reach audiences interested in our products. This may involve using cookies or hashed identifiers with your consent. See Cookies above.
Your rights
You have rights under the UK GDPR, including to:
1. Access your personal data and receive a copy.
2. Rectify inaccurate or incomplete data.
3. Erase your data in certain circumstances (“right to be forgotten”).
4. Restrict our processing in certain circumstances.
5. Object to processing based on legitimate interests or to direct marketing.
6. Port your data to another provider where technically feasible.
7. Withdraw consent where we rely on consent.
8. Complain to the ICO (www.ico.org.uk) if you’re unhappy with how we use your data.
To exercise your rights, contact us using the details in Who we are and how to contact us. We may need to verify your identity before responding.
Children
Our products and services are not intended for children. We do not knowingly collect personal data from anyone under 16. If we learn that we have collected such data, we will delete it. Parents/guardians who believe a child has provided us data should contact us.
---
## Security
We use appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, and regular monitoring. However, no method of transmission or storage is completely secure.
Automated decision‑making / profiling
We do not make decisions with legal or similarly significant effects based solely on automated processing. We may use limited profiling (e.g., segmenting customers by purchase history) to tailor marketing, with your consent where required. You can object at any time.
Links to other websites
Our website may contain links to third‑party sites. Their privacy practices are not covered by this policy. We encourage you to read the privacy information on every site you visit.
Changes to this policy
We may update this notice from time to time. If we make significant changes, we will take reasonable steps to notify you (for example, by email or site notice) and will update the “Last updated” date above.
Additional information for business customers (optional)
If you are a distributor, retailer, supplier, or other business contact, we process your contact details, job role, communications, and contract information to manage our business relationship, based on contract and legitimate interests. Your rights and our retention, sharing, and transfer practices are as described above.
Template: list your key processors (customise)
Replace this list with your actual providers or link to a live list on your website.
- E‑commerce platform: Shopify (Privacy Policy)
- Payment providers: Stripe (Privacy Policy)
- Fulfilment & delivery: Royal Mail, DHL, DPD, EVRI
- Marketing platforms:
Google. Google Privacy Policy;
b. Facebook, and Instagram. Meta Privacy Policy;
c. Youtube. YouTube Privacy Policy;
d. LinkedIn. LinkedIn Privacy Policy;
e. TikTok. Privacy Policy; and
Contact Us
We hope that you find this Privacy Policy easy to understand, but if you have any questions, comments or concerns about this policy or how we handle your personal data, you can contact us in the UK or you can email us at: info@greatbritainnutrition.com