Privacy Policy


“We/us/our” means Vitaflo (International) Limited, company number 3380926

This policy (together with our website terms of use and any other documents referred therein) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it



We may collect and process the following data about you:

  1. a) Information that you provide by logging in to, or filling in forms on our site. We may also ask you for information when you enter a competition or promotion and when you report a problem with one of our sites.
  2. b) If you contact us, we may keep a record of that correspondence.
  3. c) Details of any transactions you carry out through our site and of the fulfilment of any orders.
  4. d) Details of your visits to our site including information about your computer like your IP address, operating system and browser type.
  5. e) Information you provide to other sources (for example, we may ask a third party to provide us additional information about our existing customers).
  6. f) Content that you create and then share with us (and perhaps others) by uploading it to one of our websites or applications, including any of our social media sites.
  7. g) Information that is part of your profile on a third party social network that you allow that network to share with us.
  8. h) Other information that we might need to collect for a specific Vitaflo form, feature or other service that you use or request. What this information includes may vary depending on the method of collection and the specific purpose for which the information is being collected.


When we provide services, we want to make them easy, useful and reliable. Where services are delivered on the internet, this sometimes involves placing small amounts of information on your device, for example, computer or mobile phone. These include small files known as cookies. They cannot be used to identify you personally.

These pieces of information are used to improve services for you through, for example:

  • enabling a service to recognise your device so you don’t have to give the same information several times during one task
  • measuring how many people are using services, so they can be made easier to use and there’s enough capacity to ensure they are fast

You can manage these small files yourself and learn more about them. More information is available on the Directgov website: Internet Cookies – what they are and how to manage them.

Cookies for improving service

Google Analytics sets cookies to help us accurately estimate the number of visitors to the website and volumes of usage. This to ensure that the service is available when you want it and fast. The cookies used for this are listed below:

Table containing the cookies which we use to improve our service


Typical content



Randomly generated number

2 years


Randomly generated number

30 minutes


Randomly generated number

When user closes browser


Randomly generated number

1 days


Randomly generated number + info on how the site was reached (e.g. directly or via a link, organic search or paid search)

6 months


Used by Incapsala, DNS-based firewall



Used by Incapsala, DNS-based firewall



Used by Incapsala, DNS-based firewall



Used to route data and page requests to the correct server where a site is hosted on multiple servers.



The PHPSESSID cookie is native to PHP and allows websites to store serialised state data. On the Action website it is used to establish a user session and to pass state data via a temporary cookie, which is commonly referred to as a session cookie. As the PHPSESSID cookie has no timed expiry, it disappears when the client is closed. The use of the PHPSESSID cookie is highly embedded in the SilverStripe CMS and is a central part of the working of the system; initiating a session is one of the first things SilverStripe does when a web page is requested. The PHP Session::start() command that sets the cookie is invoked from the programme main.php, which is part of SilverStripe’s core code. In addition, SilverStripe utilises the PHP session for many of its features. On the Action website, the accessibility style switcher uses the PHP session to maintain state and would not function as intended without the PHPSESSID cookie being set. The security for the registration form relies on the PHP session and, as there are no specific cookies used to pass login state data, user logins are preserved through the session. The page view history for logged in users is initially recorded as an array in the PHP session and requires the PHPSESSID cookie to be set in order to function.



For further details on the cookies set by Google Analytics, please refer to the Google Code website and


  1. a) Please note the data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
  2. b) We are committed to taking all reasonable steps to protect the confidentiality and security of your personal information which we may collect however, unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.



  1. a) The data we collect from you will be used for the purposes of administration, customer service (including order fulfilment), business development, trend analysis and marketing. We may also use it to create offers designed to meet your needs.
  2. b) We may also use your data, or permit selected third parties to use your data, to provide you with information about goods and services which may be of interest to you and we or they may contact you about these.
  3. c) If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please let us know by emailing Customer Services on



  1. a) We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006 (and some of which may be outside of the EEA).
  2. b) We may disclose your personal information to any prospective seller or buyer of our business or any third party if we are under a duty to disclose or share your personal data in order to comply with any legal obligation.



  1. a) You have the right to ask us not to process your personal data for marketing purposes at any time by contacting Customer Services on
  2. b) Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.



The Data Protection Act gives you the right to access information held about you. Your right of access can be exercised in accordance with that Act. Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.



Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.



Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to Customer Services on