Privacy Policy
Performance Lab Group Ltd. Privacy Policy
Pre Lab Pro® is part of the Performance Lab Group Ltd. This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from www.prelabpro.com or www.performancelab.com (the 'Sites').
We are committed to protecting your privacy. We implement technical and organizational measures to secure your Personal Information, to minimize the risks of theft, damage, loss of information, or unauthorized access or use of your Personal Information.
Our e-commerce platform is Level 1 PCI DSS compliant – you can read more about PCI DSS here: https://www.pcicomplianceguide.org/faq/
To better protect your privacy, we, Performance Lab Group Ltd. and our affiliates and subsidiaries (collectively, 'Performance Lab', 'we', 'us', or 'our'), provide this Privacy Policy explaining how we collect, use, and disclose Information (defined below) that we obtain about visitors to our websites (www.prelabpro.com and www.performancelab.com) (the 'Sites') and the products and services available through our Sites. We also explain the choices you can make about the way your Information is collected and used through our Sites or Services.
Who We Are
Performance Lab Group Ltd. (based in the UK), collects, uses and is responsible for certain personal information about you.
When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
As some Performance Lab Group Ltd. affiliates are based outside of the European Economic Area, these affiliates have appointed Performance Lab Group Ltd. to be their representative within the EEA as necessary. Contact details are available.
Personal Information We Collect
When you visit the Sites, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Sites, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Sites, and information about how you interact with the Sites. We refer to this automatically-collected information as ‘Device Information.’
We collect Device Information using the following technologies:
- ‘Cookies’ are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org
- ‘Log files’ track actions occurring on the Sites, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- ‘Web beacons,’ ‘tags,’ and ‘pixels’ are electronic files used to record information about how you browse the Sites.
Additionally when you make a purchase or attempt to make a purchase through the Sites, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card number or PayPal ID), email address, and phone number. We refer to this information as ‘Order Information.’
This information is mandatory, which means that it will not be possible to purchase a product from the Sites without it.
When we talk about ‘Personal Information’ in this Privacy Policy, we are talking about both Device Information and Order Information.
How Do We Use Your Personal Information?
We use the Order Information that we collect generally to fulfill any orders placed through the Sites (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to:
- Communicate with you. Via our customer service program, in response to reviews, via social media or email.
- Screen our orders for potential risk or fraud.
- Provide you with information or offers relating to our products or services, in line with the preferences you have shared with us.
- Reviewing the functionality and effectiveness of the Sites.
- Analysing trends.
- Collecting reviews and testimonials.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Sites (for example, by generating analytics about how our customers browse and interact with the Sites and to assess the success of our marketing and advertising campaigns).
Sharing Your Personal Information
We share your Personal Information with third parties as Data Processors to help us use your Personal Information.
We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We only permit them to process your personal information for specified purposes and in accordance with our instructions.
- We use Shopify to power our online store — you can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy
- We use PayPal to process payments for products ordered from the Sites — you can read more about how PayPal uses your Personal Information here: https://www.paypal.com/en/webapps/mpp/ua/privacy-full
- We also use Amazon Pay to process payments for products ordered from the Sites — you can read more about how Amazon Pay uses your Personal Information here: https://pay.amazon.com/uk/help/201751600
- We do not record or store any financial information taken through the Sites, and cannot take any payments by mail order or telephone.
- We use Google Analytics to help us understand how our customers use the Sites — you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/ You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout
- We use Gorgias to help us Deliver and manage our customer service program — you can read more about how Gorgias uses your Personal Information here: https://www.gorgias.com/privacy/privacy
- We use Klaviyo to deliver marketing communications we believe may be of ben-efit to, or interest you. This includes order confirmation details and notices of special offers - you can read more about how Klaviyo uses your Personal Information here: https://www.klaviyo.com/legal/privacy/privacy-notice
- We use Reviews.io to collect and publish reviews and testimonials — you can read more about how Reviews.io uses your Personal Information here: https://www.reviews.io/front/user-privacy-policy/
- Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
Do Not Track
Please note that we do not alter the Sites’ data collection and use practices when we see a Do Not Track signal from your browser.
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
If you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Sites), or otherwise to pursue our legitimate business interests. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
GDPR Necessity
We need to process your personal information in order to:
- Perform our contract with you (see Article 6.1.b of the GDPR).
- Comply with our legal obligations (see Article 6.1.c of the GDPR).
- Pursue legitimate business interests of our own related to operating the Sites and providing our services to you, or to pursue the legitimate interests of third parties as long as your interests and fundamental rights do not override those interests (see Article 6.1.f of the GDPR).
- Establish, exercise or defend legal claims, where necessary (see Article 9.2.f of the GDPR).
- Operate an online review platform in compliance with, for example, the Unfair Commercial Practices Directive, ICPEN’s guidelines on online reviews and endorsements, The Consumer Protection from Unfair Trading Regulations 2008, The Competition and Markets Authority’s guidance on online reviews and endorsements.
Some of these grounds for processing your personal data overlap, so there may be several reasons which justify us processing your personal information.
In those limited circumstances where you have expressly given your consent to us to process your personal data (see Article 6.1.a of the GDPR), for example, when subscribing to our newsletters, you are free to revoke your consent at any time. However, please be aware that we may have the right to continue to process your information if it can be justified on one of the other legal bases mentioned above.
You have the right to object to how we process your personal information, or ask us to restrict the processing. Please see below for more details.
If you would like more information about our legal basis for processing your personal information, please contact our Data Protection Officer (DPO).
Data Retention
When you place an order through the Sites, we will maintain your Order Information for our records unless and until you ask us to delete this information.
Minors
The Sites are not intended for individuals under the age of 18.
Data Controller
We are the Data Controller of the Personal Data you enter to create and maintain your account.
We are also the Data Controller of the information which is disclosed to other services as Data Processors.
You are the Data Controller for content you choose to disclose on the Sites in a review and for the personal data disclosed when you connect your Social Network profile(s) with our profiles.
Access
You can email dpo@performancelab.com and request information about your personal data.
Upon receiving your request, we will let you know what personal information we have about you and whether that data is portable.
We reserve the right to block access to our sites and delete your Account on the Sites if, in our assessment, we find anything violates applicable laws, third party rights or our User Guidelines, or is inconsistent with the purpose of the Sites.
If we block access to or delete your Account, we will inform you of the reason for blocking or deleting your Account by sending an email to the address you provided when you created your Account.
Other Rights
In addition to the rights set out above concerning your Personal Data, you also have the following rights:
- You also have the right to object to the processing of your personal data and have the processing of your personal data restricted.
- In particular, you have an unconditional right to object to the processing of your personal data for direct marketing purposes.
- If our processing of your personal information is based on your consent, you have the right to withdraw your consent at any time. Your withdrawal will not affect the lawfulness of the processing of data carried out before you withdrew your consent. You may withdraw your consent by emailing us at dpo@performancelab.com
In some circumstances, these rights may be limited or conditional. For example, whether or not you have the right to data portability in a particular case depends on the specific circumstances of the processing activity.
Data Protection Officer
We have a Data Protection Officer (DPO). If you have any questions about the data processing activities performed by us, you are welcome to contact our DPO by email at: dpo@performancelab.com
Changes
We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.
Contact Us
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at dpo@performancelab.com or by mail using the details provided below:
Data Protection Officer, Performance Lab Group Ltd. 7 Clarendon Place, Royal Leamington Spa, CV32 5QL, United Kingdom.