');">
Privacy & Data Protection

Privacy Policy

Your privacy and the security of your personal and medical information is our top priority. Learn how we protect and handle your data in accordance with UK data protection laws.

Last updated: September 14, 2025

Introduction

Day 1 Weight ("we," "our," or "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

As a UK-based medical service provider, we are subject to UK data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Information We Collect

Personal Information

We collect personal information that you voluntarily provide to us, including:

  • Name, email address, phone number, and postal address
  • Date of birth, gender, and age
  • Medical history and current health conditions
  • Current medications and allergies
  • Lifestyle information (diet, exercise, smoking, alcohol consumption)
  • Weight, height, and BMI measurements
  • GP information and medical records (with consent)

Technical Information

We automatically collect certain technical information when you visit our website:

  • IP address and browser information
  • Device type and operating system
  • Pages visited and time spent on our website
  • Referring website information
  • Cookies and similar tracking technologies

How We Use Your Information

We use your personal information for the following purposes:

  • To provide medical consultations and weight loss treatments
  • To assess your suitability for specific medications
  • To prescribe and dispense medications safely
  • To monitor your progress and adjust treatment plans
  • To communicate with you about your treatment
  • To comply with legal and regulatory requirements
  • To improve our services and website functionality
  • To send you important updates about your treatment

Legal Basis for Processing

Under UK GDPR, we process your personal information based on the following legal grounds:

  • Consent: When you provide explicit consent for specific processing activities
  • Contract: To fulfill our contractual obligations to provide medical services
  • Legal Obligation: To comply with legal requirements for healthcare providers
  • Vital Interests: To protect your health and safety
  • Legitimate Interests: To improve our services and prevent fraud

Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

  • With your GP or other healthcare providers (with your consent)
  • With regulatory authorities when required by law
  • With service providers who assist us in operating our business (under strict confidentiality agreements)
  • In case of emergency to protect your health and safety
  • If required by court order or legal process

Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption of data in transit and at rest
  • Secure servers and databases
  • Regular security assessments and updates
  • Access controls and authentication
  • Staff training on data protection
  • Incident response procedures

Your Rights

Under UK GDPR, you have the following rights regarding your personal information:

  • Right of Access: Request a copy of your personal information
  • Right to Rectification: Correct inaccurate or incomplete information
  • Right to Erasure: Request deletion of your personal information
  • Right to Restrict Processing: Limit how we use your information
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to certain types of processing
  • Rights Related to Automated Decision Making: Human review of automated decisions

To exercise any of these rights, please contact us using the information provided below.

Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations:

  • Medical records: 8 years from last treatment (as required by UK law)
  • Consultation data: 3 years from last consultation
  • Marketing communications: Until you opt out
  • Website analytics: 26 months maximum

Cookies and Tracking

We use cookies and similar technologies to improve your experience on our website. You can control cookie settings through your browser preferences.

For more information about our use of cookies, please see our Cookie Policy.

International Data Transfers

We primarily store and process your data within the UK. If we need to transfer data outside the UK, we ensure appropriate safeguards are in place to protect your information in accordance with UK data protection laws.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: contact@day1weight.com
Phone: 0141 644 1765
Address: 15-17 Busby Road, Carmunnock, Clarkston, Glasgow G76 9BP