Introduction
The General Data Protection Regulation, or GDPR, is a new regulation focused on European Union residents’ privacy rights and personal data protection. The GDPR will go into effect on May 25th, 2018.
Just as nutrition transparency is a core tenet for Nutritionix, it is also important to our team to provide clarity on the processing of your data and your privacy. So we’re making key updates to meet GDPR standards. For example, we’ve updated our Privacy Policy and Terms of Service to use clearer language and account for GDPR requirements. For Track users, we’ve also updated our export feature to provide greater flexibility for access and management of your data. If you have any questions, you can reach us at privacy@nutritionix.com.
Key Legal Basis
Under GDPR, there are a number of grounds to legitimize the processing of personal data. Below, we've listed the most relevant legal bases under the GDPR.
- Contractual Necessity: Data processed must be necessary for the service and defined in the contract with the individual.
- Consent: The individual has given consent for one or more specific purposes.
- Legitimate Interests: A business or third party must have legitimate interests which are not overridden by individuals’ rights or interests.
Rights
The GDPR expands individuals’ rights, as outlined below. For Track users, we’ve updated our export feature to provide further flexibility in managing your data.
- Right to be forgotten: An individual may request that an organization delete all data on that individual without undue delay.
- Right to object: An individual may prohibit certain data uses.
- Right to rectification: Individuals may request that incomplete data be completed or that incorrect data be corrected.
- Right of access: Individuals have the right to know what data about them is being processed and how.
- Right of portability: Individuals may request that personal data held by one organization be transported to another.
Third Party Services
Nutritionix uses third-party services to provide various business functions such as business analytics, infrastructure, payments, and customer support. We engage only with third parties that are also performing their due diligence to comply with standard security practices and GDPR requirements.
You can reference each third party’s GDPR Communications Pages using the links below:
Amazon Web Services, Inc.
Stripe
Zendesk, Inc.
SurveyMonkey - Wufoo
Capsule CRM
MailerLite
Red Hat, Inc.
Google Analytics
Zapier Inc.
CloudFlare
Data Integrity
Privacy by design and privacy by default are accounted for as part of our product planning process.