Understanding your data protection rights under UK GDPR
sparse-wrench Environmental Consultancy is committed to compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take the protection of your personal data seriously and implement robust measures to ensure your information is handled securely and transparently.
For the purposes of UK GDPR, the data controller is:
sparse-wrench Environmental Consultancy
47 Woodland Business Park
Bristol BS16 1EJ
United Kingdom
Email: [email protected]
You have the right to clear, transparent information about how we use your personal data. This information is provided in our Privacy Policy and this GDPR statement.
You can request a copy of the personal data we hold about you. We will provide this information free of charge within one month of your request. This is commonly known as a "subject access request."
If the personal data we hold about you is inaccurate or incomplete, you have the right to have it corrected. We will make corrections within one month and notify any third parties with whom we have shared your data.
Also known as the "right to be forgotten," you can request deletion of your personal data in certain circumstances, including when:
You can request that we restrict processing of your personal data in specific situations, such as when you contest the accuracy of the data or object to processing.
Where technically feasible, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
You can object to processing of your personal data in certain circumstances, particularly when processing is based on legitimate interests or for direct marketing purposes.
You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects or similarly significantly affect you. We do not currently engage in automated decision-making.
To exercise any of these rights, please contact us at [email protected] or write to us at the address provided above.
When making a request, please provide:
We will respond to your request without undue delay and within one month of receipt. In complex cases, this may be extended by two additional months, and we will inform you of any such extension.
We process personal data for the following purposes:
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you without undue delay. We will also report the breach to the Information Commissioner's Office (ICO) within 72 hours of becoming aware of it, where required by law.
We do not routinely transfer personal data outside the United Kingdom. If international transfers become necessary, we will ensure appropriate safeguards are in place, such as standard contractual clauses approved by the ICO.
While not legally required to appoint a Data Protection Officer, we have designated a privacy contact person responsible for overseeing data protection compliance. You can reach them at [email protected].
If you believe we have not handled your personal data in accordance with UK GDPR, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Tel: 0303 123 1113
Website: ico.org.uk
We may update this GDPR compliance statement from time to time to reflect changes in our practices or legal requirements. The current version will always be available on our website with the effective date clearly stated.