Privacy Policy

Last reviewed: March 2026

This Privacy Policy explains how Active Heart Health Ltd ("we", "our" or "us") collects, uses, stores, and protects your personal data when you use our website at activehearthealth.com, contact us directly, or interact with our content or social media pages.

We are committed to handling personal data transparently, lawfully and securely in accordance with UK data protection law.

1. Who we are (Data Controller)

Active Heart Health Ltd is the data controller responsible for your personal data.

  • Company number: 12374292

  • Registered office: 2 Exeter Street, Cottingham, East Riding of Yorkshire, England, HU16 4LU

  • Email: contact@activehearthealth.com

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us using the details above.

2. What personal data do we collect

We only collect personal data that is relevant to the way this website currently operates.

a) Information you provide directly

If you contact us by email or through a website form, we may collect:

  • your name;

  • your email address and any other contact details you choose to provide; and

  • the contents of your message or enquiry.

If you make privacy or cookie choices through our consent tools, we may also keep a record of those preferences.

b) Information collected automatically

When you visit the website, our service providers and we may automatically collect certain technical and usage information, including:

  • IP address;

  • approximate location derived from IP address;

  • browser type and version;

  • device type and operating system;

  • referring website or source;

  • pages viewed, time spent on pages and basic interaction data; and

  • information about consent choices made through our cookie banner.

This information may be collected through server logs, cookies, consent tools and analytics technologies.

c) Interactions with our social media pages

If you interact with us through our social media pages, such as by commenting on a post, sending a message, reacting to content, or mentioning us, we may receive personal data associated with your account, such as your name, profile name, profile image, and the content of your interaction.

We may use this information to respond to enquiries, moderate comments, understand engagement with our content, and manage our social media presence.

d) Affiliate link activity

Some pages contain affiliate links, including links to Amazon and other third-party retailers. If you click one of these links, the relevant third party may collect information about your visit or purchase in accordance with its own privacy and cookie policies. We do not receive your full personal data from those retailers simply because you clicked an affiliate link.

3. Special category personal data

We do not routinely collect special category personal data, such as health or medical information.

If you choose to include sensitive information in a message to us, we will process it only where there is a valid, lawful basis and appropriate safeguards are in place.

4. How we use your personal data

We may use personal data to:

  • respond to your enquiries, messages or social media interactions;

  • operate, maintain and secure the website;

  • understand how visitors use the website and improve content, usability and performance;

  • manage and moderate our social media presence;

  • store and manage cookie consent preferences;

  • maintain internal business records; and

  • comply with legal or regulatory obligations.

We do not currently operate an online shop, take payments through the website, or run an active email newsletter. If that changes, we will update this Privacy Policy.

5. Lawful bases for processing

Under UK GDPR, we must have a lawful basis for using your personal data. For this website, the main lawful bases we rely on are:

  • Legitimate interests — to operate, secure and improve our website, respond to enquiries, and keep appropriate business records, provided those interests are not overridden by your rights and interests.

  • Consent — for non-essential cookies and similar technologies, and for any future email marketing where consent is required.

  • Legal obligation — where we must process personal data to comply with applicable law, regulation or lawful requests.

  • Vital interests — in the unlikely event that processing is necessary to protect someone’s life.

6. Cookies and tracking technologies

We use cookies and similar technologies for the following purposes:

  • to make the website function properly;

  • to remember consent choices;

  • to understand website traffic and usage patterns; and

  • to support affiliate link tracking where relevant.

The website currently uses tools including:

  • Squarespace for website hosting and core site functionality;

  • Google Analytics to help us understand website traffic and usage patterns;

  • Google Tag Manager to manage website tags and scripts; and

  • Cookiebot to manage cookie consent preferences.

Non-essential cookies and similar technologies should only be set with your consent through our cookie banner or preference tools.

For more details, please see our Cookie Policy.

7. Marketing communications

We do not currently operate a regular email newsletter or marketing mailing list.

If we introduce email marketing in the future, we will update this Privacy Policy and, where required, ask for your consent before sending marketing communications. Any future marketing emails would include a clear way to unsubscribe.

8. Sharing your personal data

We do not sell your personal data.

We may share personal data, where necessary, with trusted third parties that help us operate the website and business, including:

  • Squarespace, which hosts and supports the website;

  • Google, including Google Analytics and Google Tag Manager;

  • Cookiebot, which helps manage cookie consent records and preferences;

  • Meta or other social media platform providers, where you interact with us through those platforms; and

  • professional advisers, regulators, law enforcement bodies, courts or other authorities where disclosure is necessary to comply with the law or protect our legal position.

If you interact with our Facebook page or other social media content, those platforms also process personal data under their own terms and privacy policies. We do not control their separate processing activities.

We do not currently share your personal data with a newsletter or email marketing platform because no active mailing list is currently operated.

9. Affiliate links and third‑party websites

Our website contains affiliate links and may link to third-party websites, including Amazon and other retailers.

If you click a third-party link, you will leave our website. That third party may collect personal data, place cookies, or track your activity under its own terms and privacy practices. We do not control those third-party practices and encourage you to read their privacy and cookie policies.

10. International data transfers

Some of our service providers may process personal data outside the UK.

Our website is hosted on Squarespace, and other providers, such as Google and Cookiebot, may also process data internationally, depending on how their services operate. Where personal data is transferred outside the UK, we aim to use recognised safeguards to protect that data, such as contractual transfer mechanisms provided by those providers.

11. Data security

We use appropriate technical and organisational measures to help protect personal data against accidental loss, misuse, unauthorised access, alteration or disclosure.

However, no internet-based service can ever be completely secure, and we cannot guarantee absolute security.

12. Data retention

We keep personal data only for as long as reasonably necessary for the purpose for which it was collected, including to:

  • respond to enquiries;

  • maintain appropriate business and compliance records;

  • investigate complaints or disputes; and

  • meet legal, regulatory or accounting requirements.

Where we cannot state an exact retention period in advance, we determine the retention period by considering the nature of the data, why it was collected, how sensitive it is, and any legal or operational requirements.

13. Your data protection rights

Depending on the circumstances, you may have the right to:

  • access your personal data;

  • request correction of inaccurate or incomplete data;

  • request erasure of your personal data;

  • request restriction of processing;

  • object to processing based on legitimate interests;

  • request portability of personal data you have provided to us; and

  • withdraw consent at any time, where consent is the basis for processing.

To exercise any of these rights, please contact us at contact@activehearthealth.com.

You also have the right to complain to the Information Commissioner’s Office (ICO): https://ico.org.uk/make-a-complaint/. We would, however, appreciate the opportunity to discuss your concern before you approach the ICO.

14. Automated decision-making and profiling

We do not carry out solely automated decision-making or profiling that produces legal effects or similarly significant effects for individuals.

15. Children’s data

This website is not intended for children, and we do not knowingly collect personal data from children.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time.

Any changes will be posted on this page with an updated review date. Where appropriate, we may also take additional steps to bring important changes to your attention.

If you have any questions about this Privacy Policy, please contact us at contact@activehearthealth.com.