Data Breach Procedures

At Nutrition for Mind and Body, we are committed to protecting your personal data. This page outlines the procedures we would take if we suspected a data breach had occurred, how we inform you about your data protection rights, and the measures we take to safeguard your information.

Steps in Case of a Suspected Data Breach

We take the security of your personal data seriously and have measures in place to detect, respond to, and mitigate data breaches. In the unlikely event of a personal data breach we will:

  1. Assess the breach promptly to understand its scope and impact 
  2. Notify the relevant supervisory authority such as the Information Commissioner's Office in the UK or other EU Data Protection Authorities within 72 hours if the breach is likely to result in a risk to your rights and freedoms. We would take steps to contain the breach and prevent further data loss.
  3. Investigation We would launch a thorough investigation to understand how the breach occurred and identify affected data. 
  4. Notification: We would notify affected individuals and relevant authorities as required by law.
  5. Take remedial actions to mitigate any potential adverse effects, including improving our security measures to prevent future breaches. 

Informing You of Your Data Protection Rights

We ensure you are aware of your data protection rights by:

  • Providing a clear and accessible Privacy Policy on our website, explaining how we collect, use, and protect your data.
  • Offering you the opportunity to opt-in to marketing communications and clearly explaining how to withdraw consent.
  • Responding promptly to your inquiries regarding your data protection rights.

Most Vulnerable Data and Protection Measures

We believe that the most vulnerable data in our business includes:

  1. Personal information used for nutrition plans
  2. Contact information

To protect this data, we take the following steps:

  • Implementing strong encryption for data at rest and in transit.
  • Using multi-factor authentication for access to sensitive systems.
  • Regularly auditing our security measures and conducting vulnerability assessments.
  • Training our staff on data protection best practices.

Immediate Action After Discovering a Data Breach

The most important thing to do immediately after discovering a data breach is to secure the affected systems and prevent further unauthorised access. This involves isolating compromised servers, changing passwords, and alerting us via email to: info@nutrition-for-mind-and-body.com

Need more information?

If you have any concerns about your data or our data breach procedures, please don't hesitate to contact us. We're here to help!