Privacy | Myoform

Wiley Nutrition Limited respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data when you visit our website, and tell you about your privacy rights and how the law protects you.

1. Important Information and Who We Are

1.1 Purpose of This Privacy Notice

This privacy notice aims to give you information on how Wiley Nutrition Limited collects and processes your personal data through your use of our website, Myoform.io. Our website is not intended for children, and we do not knowingly collect data relating to children, other than from their parents or legal guardians where they choose to give it to us.

It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.

1.2 Data Controller

Wiley Nutrition Limited is the data controller, which means that Wiley Nutrition Limited is responsible for the personal data we collect from and about you (collectively referred to as “Wiley Nutrition”, "we," "us," or "our" in this privacy notice). We have appointed a data privacy officer who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the data privacy officer using the details set out below.

1.3 Contact Details

Full name of legal entity: Wiley Nutrition Limited
Name or title of data privacy officer: Theo Wiley
Contact details: [email protected]

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). If you are based in the European Union (EU), you may contact your local Data Protection Authority (DPA). If you are in the United States, you may have rights under various federal and state privacy laws such as the California Consumer Privacy Act (CCPA) or the Health Insurance Portability and Accountability Act (HIPAA) where applicable. However, we would appreciate the chance to deal with your concerns before you approach these authorities, so please contact us in the first instance.

1.4 Changes to the Privacy Notice and Your Duty to Inform Us of Changes

This version was produced in March 2025. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

1.5 Third-Party Links

Our website may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

2. The Data We Collect About You

2.1 Personal Data

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

2.2 Data We Collect on Our Website

We collect personal data of users directly through questionnaires and prompts but also passively through cookies.

Identity Data includes first name, last name, username or similar identifier, date of birth, place of birth, place of residence, and gender.
Contact Data includes delivery address, email address, and telephone numbers.
Profile Data includes your username and password, feedback, and survey responses.
Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
Special Category Data includes health, race, ethnicity, sexual orientation, and genetic testing information. We would only collect this with your explicit consent.

We also collect, use, and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.

2.3 Genetic Testing Data

As part of our services, we may collect and process your genetic data. This includes:

Genetic test results from tests provided by us or uploaded by you from third-party genetic testing services.
Health-related information that you choose to provide in connection with our services.
Fitness and nutrition recommendations derived from genetic insights.

We only process genetic data with your explicit consent and in accordance with applicable UK GDPR, EU GDPR, and US privacy laws such as HIPAA where applicable.

2.4 Data Transfers

We may transfer your personal data outside of the United Kingdom (UK), European Economic Area (EEA), and the United States (US) to facilitate our services. When doing so, we ensure appropriate safeguards such as:

Standard Contractual Clauses (SCCs) approved by the European Commission
Binding Corporate Rules (BCRs)
Your explicit consent where required
Other legally recognized transfer mechanisms

2.5 Third-Party Data Sharing

We may share your data with:

Service providers (e.g., payment processors, genetic testing labs, cloud storage providers)
Regulatory authorities (when legally required)
Research institutions (only with your explicit consent)

All third parties must comply with data protection laws and security measures to ensure the protection of your data.

3. Your Rights Under US, EU, and UK Laws

3.1 Your Rights Under UK and EU GDPR

If you are located in the UK or EU, you have the following rights under the UK GDPR and EU GDPR:

Right to Access – You can request access to the personal data we hold about you.
Right to Rectification – You can request corrections to inaccurate or incomplete data.
Right to Erasure – You can request the deletion of your data in certain circumstances.
Right to Restrict Processing – You can request to limit how we use your data.
Right to Data Portability – You can request to transfer your data to another provider.
Right to Object – You can object to certain data processing activities.
Right to Withdraw Consent – Where we rely on consent, you can withdraw it at any time.

3.2 Your Rights Under US Laws (CCPA, HIPAA, etc.)

If you are a United States resident, you may have additional rights under various state and federal laws, including:

The Right to Know – You can request details about how we collect, use, and share your data.
The Right to Delete – You may request the deletion of your personal information.
The Right to Opt-Out – You can opt out of data sales where applicable.
The Right to Non-Discrimination – You will not be discriminated against for exercising your rights.
HIPAA Compliance – If genetic or health data falls under HIPAA, additional safeguards apply.

To exercise any of these rights, please contact [email protected].