Information on this site is advertising in nature

GDPR Compliance

Last updated: January 2024

1. Our Commitment to Data Protection

witty-glade is committed to compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page outlines how we meet our obligations under these regulations and explains your rights as a data subject.

2. Data Controller Information

witty-glade acts as the data controller for personal data collected through this website. Our contact details are:

witty-glade
47 Belgravia Court
London SW1W 8NP
United Kingdom

Email: [email protected]

3. Lawful Basis for Processing

We process personal data under the following lawful bases as defined in Article 6 of the UK GDPR:

  • Consent: Where you have given clear consent for us to process your personal data for specific purposes
  • Contract: Where processing is necessary for the performance of a contract or to take steps at your request before entering a contract
  • Legal Obligation: Where processing is necessary for compliance with a legal obligation
  • Legitimate Interests: Where processing is necessary for our legitimate interests or those of a third party, except where such interests are overridden by your interests or fundamental rights

4. Your Rights Under UK GDPR

Under the UK GDPR, you have the following rights:

  • Right to Access (Article 15): You have the right to obtain confirmation of whether we process your personal data and to access that data
  • Right to Rectification (Article 16): You have the right to have inaccurate personal data corrected without undue delay
  • Right to Erasure (Article 17): You have the right to request deletion of your personal data in certain circumstances
  • Right to Restrict Processing (Article 18): You have the right to request restriction of processing in certain circumstances
  • Right to Data Portability (Article 20): You have the right to receive your personal data in a structured, commonly used format
  • Right to Object (Article 21): You have the right to object to processing based on legitimate interests or for direct marketing purposes
  • Rights Related to Automated Decision Making (Article 22): You have the right not to be subject to decisions based solely on automated processing that significantly affect you

5. Exercising Your Rights

To exercise any of your rights, please contact us using the details provided above. We will respond to your request within one month of receipt. In complex cases or where we receive numerous requests, we may extend this period by a further two months, but we will inform you of any extension within the first month.

We may request verification of your identity before processing your request to ensure the security of your personal data.

6. Data Protection Principles

We adhere to the data protection principles set out in Article 5 of the UK GDPR:

  • Lawfulness, fairness, and transparency: We process data lawfully, fairly, and in a transparent manner
  • Purpose limitation: We collect data for specified, explicit, and legitimate purposes
  • Data minimisation: We ensure data is adequate, relevant, and limited to what is necessary
  • Accuracy: We take reasonable steps to ensure personal data is accurate and up to date
  • Storage limitation: We keep data only as long as necessary for the purposes for which it was collected
  • Integrity and confidentiality: We process data securely using appropriate technical and organisational measures

7. Data Breach Procedures

We have procedures in place to detect, report, and investigate personal data breaches. Where a breach is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours and, where required, inform affected individuals without undue delay.

8. International Data Transfers

Where we transfer personal data outside the UK, we ensure appropriate safeguards are in place in accordance with Chapter V of the UK GDPR. This may include transfers to countries with adequacy decisions or the use of Standard Contractual Clauses.

9. Supervisory Authority

You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been infringed. The ICO can be contacted at:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF

Website: ico.org.uk

10. Updates to This Document

We review our data protection practices regularly and may update this document to reflect changes in our practices or legal requirements. The date of the last update is shown at the top of this page.

We use cookies to enhance your browsing experience and analyse site traffic. By continuing to use this site, you consent to our use of cookies. Learn more