MedicalGradeHoney.com

Legal

Privacy policy.

How we handle personal data under the UK GDPR and the Data Protection Act 2018. Plain English, no surprises.

Last updated: May 2026. This is a placeholder draft prepared for solicitor review before publication.

1. Who we are

This website is operated by Family Food and Healthcare Group (the "Group", "we", "us"), a UK-based group of companies. The Group is the data controller for personal data submitted through MedicalGradeHoney.com.

The easiest way to reach us about anything in this policy is the contact page.

2. What we collect

  • Contact form submissions. Name, email, organisation and the message you send us. We need this to reply.
  • Server logs. IP address, user agent, timestamp and pages requested. Used for security, abuse prevention and aggregate traffic analysis.
  • Strictly necessary cookies. Session and security cookies required for the site to function. We do not currently set advertising or cross-site tracking cookies.
  • Analytics. If and when we run analytics, we use privacy-respecting, aggregated measurement only. No advertising profiles are built from your visit.

3. Why we use it (lawful basis)

  • Legitimate interests — replying to enquiries, securing the site, understanding broad traffic patterns to improve content.
  • Consent — where we ask you for any non-essential cookie or marketing preference.
  • Legal obligation — where we must retain or disclose data to comply with UK law.

4. Sharing

We do not sell personal data. We use a small number of vetted processors (hosting, email, security) under appropriate contractual safeguards. We may share data with our sister companies within the Group on the same lawful basis. Where data leaves the UK, we rely on the UK International Data Transfer Agreement (IDTA) or UK Addendum to the EU SCCs, plus a transfer risk assessment.

5. Retention

Contact-form correspondence is retained for as long as the enquiry is live, plus a reasonable period thereafter for record-keeping (typically up to 24 months). Server logs are retained for up to 90 days for security purposes. We will delete data sooner on request, subject to any legal holds.

6. Your rights

Under UK GDPR you have rights of access, rectification, erasure, restriction, portability and objection, and the right to withdraw consent where processing relies on it. To exercise any of these, use the contact page. You also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk.

7. Security

We use HTTPS across the site, encrypted storage for submitted content, and access controls scoped to the people who need to see correspondence to reply to it. No system is perfectly secure; we will notify the ICO and affected individuals where required by law in the event of a reportable breach.

8. Children

This site is intended for clinicians, researchers, regulatory professionals and adult readers with a professional or personal interest in medical-grade honey. It is not directed at children under 16.

9. Changes

If we make material changes to this policy we will update the date at the top of the page and, where appropriate, notify recent correspondents directly.