Data Protection Framework We comply fully with the UK GDPR and Data Protection Act 2018.
Core Principles We Follow: Lawfulness, fairness, transparency; purpose limitation; data minimisation; accuracy; storage limitation; integrity and confidentiality; and accountability.
Roles & Accountability We act as the Data Controller. If required, a Data Protection Officer (DPO) will be appointed and contact details provided.
Data Breach Protocol In case of a personal data breach, we will notify the ICO and affected users within 72 hours, where required.
Impact Assessments For high-risk data processing (e.g., profiling), we conduct Data Protection Impact Assessments (DPIAs).
Privacy by Design Data privacy is integrated into our products and operations from the outset.
