PRIVACY POLICY

Effective date: 4 April 2026

INTRODUCTION

Welcome to Resilient Bodybuilding Ltd’s Privacy Policy.

Resilient Bodybuilding Ltd respects your privacy and is committed to protecting your personal data. This policy explains how we collect, use and safeguard your personal information when you visit our website, regardless of where you access it from, as well as outlining your privacy rights and how the law protects you.

IMPORTANT INFORMATION & WHO WE ARE

PURPOSE OF THIS PRIVACY POLICY

This Privacy Policy explains how Resilient Bodybuilding Ltd collects and processes your personal data when you use our website, including when you place an order, sign up for updates, contact us, or otherwise interact with our services.

Our website is not intended for individuals under the age of 18 and we do not knowingly collect or process personal data from children. If we become aware that we have collected personal data from a child, we will take steps to delete it.

This Privacy Policy should be read alongside any other privacy or fair processing notices we may provide when collecting your personal data. It supplements those notices and does not override them.

CONTROLLER

Resilient Bodybuilding Ltd is the controller responsible for your personal data, referred to in this Privacy Policy as “we”, “us”, or “our”.

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us.

ABOUT US & CONTACT INFORMATION

We are Resilient Bodybuilding Ltd, a company incorporated and registered in England and Wales with company number 16748404.

Legal entity: Resilient Bodybuilding Ltd

Email address: info@resilientbodybuilding.com

Registered Office Address:

Resilient Bodybuilding Ltd

45 Fitzroy Street

Fitzrovia, London

W1T6EB

United Kingdom

PO Box:

Resilient Bodybuilding

PO Box 873

Norwich

NR7 7BB

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s independent authority for data protection. We would however, appreciate the opportunity to address your concerns directly, so please contact us first.

THIRD PARTY LINKS

We may use social media platforms such as Instagram and TikTok to promote our products. If you interact with our content or follow links from our website to third party websites, tools, or services, those third parties may collect or share information about you in accordance with their own privacy policies.

We do not control these external platforms and are not responsible for their privacy practices. We recommend reviewing their privacy policies before engaging with them.

THE DATA WE COLLECT ABOUT YOU

Personal data refers to any information that can be used to identify an individual. This does not include information that has been anonymised so that it cannot be linked back to a specific person.

We may collect and process different types of personal data about you, which are outlined below:

* Identity data includes: title, name and email address.

* Contact data includes: billing address, delivery address and email address.

* Financial data includes: limited payment related information such as payment method, transaction references and payment status. full payment card details are processed securely by our third party payment providers and are not stored or accessible by us.

* Transaction data includes: details about payments to and from you and other details of products and services you have purchased from us.

* Technical data includes: internet protocol (IP) address, browser type and version, time zone setting and location, browser plug in types and versions, operating system and platform and other technology on the devices you use to access the website.

* Usage data includes: information about how you use our website, products and services.

* Marketing and communications data includes: your preferences for receiving marketing from us and your communication preferences.

We may use anonymous or grouped information (such as statistics or general user data) to understand how our website is used and to improve our services. This information does not identify you personally and is not treated as personal data. If it is ever combined with information that could identify you, it will be treated as personal data and handled in line with this Privacy Policy.

HOW YOUR PERSONAL DATA IS COLLECTED

We collect personal data in the following ways:

INFORMATION YOU PROVIDE DIRECTLY

you may provide personal information when you place an order, sign up to receive updates, contact us, participate in promotions, or provide feedback. this may include your name, contact information, payment details and order information.

INFORMATION COLLECTED AUTOMATICALLY

When you visit and use our website, we may automatically collect certain technical information about your device, browsing behaviour and interaction with the site. This information is collected through cookies and similar technologies to help us improve our website and services.

THIRD PARTIES OR PUBLICLY AVAILABLE SOURCES

We may receive personal data about you from third parties and publicly available sources, including:

Technical data from:

* Analytics providers such as google

* Search information providers such as google

We may receive certain personal information, such as contact, payment and transaction details, from trusted third party providers who support our website, payment processing and delivery services (for example, payment processors such as Stripe). Some of these providers may process data outside of the UK and where this occurs, appropriate safeguards are in place.

HOW WE USE YOUR PERSONAL DATA

We only use your personal data where permitted by law. Most commonly, we use your information to:

* Process and fulfil your orders and provide our products and services

* Manage payments, delivery and customer support

* Operate, maintain and improve our website

* Comply with legal and regulatory obligations

In some cases, we may process your data where it is necessary for our legitimate business interests, provided these do not override your rights and freedoms.

We do not usually rely on consent as the legal basis for processing your personal data, except where required for marketing communications. Where you have chosen to receive marketing, you may withdraw your consent at any time by contacting us or using the unsubscribe link in our emails.

LAWFUL BASIS FOR PROCESSING

We process personal data on the basis of one or more lawful grounds, including the performance of a contract, compliance with legal obligations, our legitimate business interests and consent where required for marketing communications.

AUTOMATED DECISION MAKING

We do not use automated decision making or profiling that has legal or similarly significant effects on you.

PROMOTIONAL OFFERS FROM US

We may use certain information, such as your contact details and browsing activity, to better understand your interests and to tailor the products, content, or offers we show you. This helps us make our marketing more relevant to you.

You will only receive marketing communications from us where you have chosen to receive them. For example, by subscribing to updates or making a purchase where you have not opted out of marketing. You can withdraw your consent at any time by using the unsubscribe link in our emails or by contacting us directly.

THIRD PARTY MARKETING

We will only share your personal data with third parties for marketing purposes where you have explicitly consented to this. We do not sell or rent your personal data to third parties for marketing purposes.

Where your data is shared with third parties, they will process it in accordance with their own privacy policies.

Please note that opting out of marketing communications will not affect essential service related communications, such as order confirmations, delivery updates, or other information relating to purchases or transactions you have made with us.

COOKIES

Our website uses cookies and similar technologies to ensure it functions properly, to improve performance and enhance your browsing experience.

STRICTLY NECESSARY COOKIES

These cookies are essential for the operation of our website and enable core functionality such as page navigation, secure access, shopping basket and wish list features. Our website cannot function properly without these cookies.

ANALYTICS COOKIES

We may use analytics cookies to collect information about how visitors use our website, such as pages visited and time spent on the site. This helps us understand website usage and improve performance. Where required, these cookies will only be set with your consent.

FUNCTIONAL COOKIES

These cookies allow our website to remember choices you make, such as your preferences, in order to provide a more personalised browsing experience.

You can manage, restrict, or disable cookies through your browser settings at any time. Please note that limiting or blocking certain cookies may affect the functionality of our website and restrict access to some features. Where applicable, you can also accept or decline non essential cookies through our cookie banner.

CHANGE OF PURPOSE

We will only use your personal data for the purposes for which it was collected. In some cases, we may use your information for a related purpose where this is appropriate and compatible with the original reason it was collected. If you would like more information, please contact us.

SHARING YOUR PERSONAL DATA

We may share your personal data with trusted third parties where necessary to operate our business, including payment processing, order fulfilment, delivery services, website hosting, analytics and other essential services. We only share the information required for these purposes.

INTERNATIONAL TRANSFERS OF PERSONAL DATA

To operate our website and fulfil orders, we may share your personal data with trusted service providers who may process data outside the UK, including services related to website hosting, payment processing, email communication, delivery and other business operations.

Where personal data is transferred outside the UK, we rely on appropriate safeguards implemented by our third party providers, such as standard contractual clauses or other legally approved mechanisms, to ensure your data is protected in accordance with UK data protection laws.

DATA SECURITY & PAYMENT TRANSACTIONS

We take appropriate technical and organisational measures to protect your personal data against accidental loss, unauthorised access, misuse, alteration, or disclosure. Access to personal data is limited to those who require it for legitimate business purposes and who are subject to confidentiality obligations.

We have procedures in place to manage and respond to any suspected personal data breach and will notify affected individuals and relevant regulatory authorities where legally required.

Our website is hosted on Squarespace, which provides the e commerce platform used to sell our products. Squarespace stores data on secure servers and uses safeguards designed to protect personal information.

Payment transactions are processed securely by third party payment providers. We do not store or process full payment card details. These providers handle card information in accordance with industry security standards, including the Payment Card Industry Data Security Standard (PCI-DSS).

DATA RETENTION

We only retain personal data for as long as necessary to fulfil the purposes for which it was collected, including to meet legal, accounting, or regulatory requirements.

In some cases, we are required to retain certain information, such as transaction & customer details, for up to six years for tax and record keeping purposes.

You may request that your personal data be deleted in certain circumstances. Where appropriate, we may also anonymise data so that it can no longer be linked to you and use it for statistical purposes.

NO FEE USUALLY REQUIRED

You will not usually be required to pay a fee to access your personal data or exercise your rights. However, we may charge a reasonable fee or refuse to act on a request if it is clearly unfounded, repetitive, or excessive.

INFORMATION WE MAY NEED

To protect your personal data, we may request additional information to verify your identity before responding to your request. This helps ensure that personal data is not disclosed to anyone who is not entitled to receive it. We may also contact you for further information to help us respond more efficiently.

RESPONSE TIME

We aim to respond to all valid data protection requests within one month. If your request is complex or involves multiple requests, it may take longer. If this happens, we will let you know and keep you updated.

For general enquiries or customer support, we aim to respond within 24 - 48 hours.

GLOSSARY

LAWFUL BASIS

Lawful basis refers to the legal reason under data protection laws that allows us to collect and use your personal data.

LEGITIMATE INTEREST

Legitimate interest means we may process your personal data where it is necessary for running and managing our business, as well as providing our products and services effectively and securely. We carefully consider the impact on your rights and freedoms before relying on this basis and only use it where your interests are not overridden.

PERFORMANCE OF A CONTRACT

Performance of a contract means processing your personal data where it is necessary to fulfil a contract with you, or to take steps at your request before entering into one (for example, processing an order or responding to a query).

LEGAL OR REGULATORY OBLIGATION

This applies when we need to process your personal data in order to meet our legal or regulatory obligations.

THIRD PARTIES

We may share your personal data with trusted third parties where necessary to operate our business, provide our services and meet legal obligations. These include:

WEBSITE & E COMMERCE SERVICES

Service providers such as Squarespace, who act as data processors and provide website hosting and e commerce functionality. These providers may be based in the UK or in other countries.

PAYMENT PROCESSING SERVICES

Payment providers who securely process transactions on our behalf. These providers act as data processors and handle payment information in accordance with industry security standards.

DELIVERY & LOGISTICS SERVICES

Shipping providers who act as data processors and assist with order fulfilment and delivery.

EMAIL & MARKETING SERVICES

Marketing and communications platforms, who act as data processors and assist with sending communications where you have opted in.

ANALYTICS & WEBSITE PERFORMANCE SERVICES

Analytics providers who help us understand how our website is used and improve performance. These providers may act as data processors or controllers and may be based in the UK or in other countries.

SERVICE PROVIDERS & TECHNICAL SUPPORT

Service providers and technical support providers who assist us in developing, maintaining and improving our website and services.

PROFESSIONAL ADVISERS

Professional advisers, including lawyers, accountants, auditors, insurers and banking providers, who act as data processors or joint controllers and provide legal, financial, insurance or advisory services.

REGULATORY AUTHORITIES

HM Revenue and Customs (HMRC) and other relevant authorities in the UK where we are legally required to share information for tax, regulatory, or compliance purposes. All third parties are required to process personal data in accordance with applicable data protection laws and only on our instructions and to implement appropriate security measures to protect such data.

YOUR LEGAL RIGHTS

Under data protection laws, you have the right to:

ACCESS YOUR PERSONAL DATA

You can request a copy of the personal data we hold about you and check that it is being processed lawfully.

CORRECT YOUR PERSONAL DATA

You can ask us to correct any information we hold about you that is inaccurate or incomplete.

REQUEST DELETION OF YOUR PERSONAL DATA

You may ask us to delete your personal data where there is no valid reason for us to continue processing it. In some cases, we may be required to retain certain information for legal or regulatory reasons, which we will explain to you if applicable.

OBJECT TO HOW WE USE YOUR DATA

You have the right to object to processing where we rely on legitimate interests, particularly where you feel this impacts your rights. You also have the right to object to your personal data being used for direct marketing at any time.

RESTRICT PROCESSING OF YOUR DATA

You may request that we limit how we use your personal data in certain circumstances, such as while we verify its accuracy or consider an objection you have raised.

REQUEST TRANSFER OF YOUR DATA

Where applicable, you can request that your personal data be provided to you or transferred to a third party in a commonly used, machine readable format.

WITHDRAW CONSENT

Where we rely on your consent to process personal data, you have the right to withdraw that consent at any time. This will not affect processing carried out before consent was withdrawn, but it may limit our ability to provide certain services.