Last updated: June 25, 2026
We are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and related UK data protection legislation. This document outlines how we comply with GDPR requirements and respect your data rights.
We process personal data under the following legal bases:
You have the right to request confirmation of whether we process your personal data and to receive a copy of that data along with supplementary information about the processing.
You may request correction of inaccurate personal data and completion of incomplete data we hold about you.
Under certain circumstances, you have the right to request deletion of your personal data. This right is not absolute and applies only in specific situations defined by GDPR.
You may request that we limit how we use your personal data in specific circumstances, such as when you contest the accuracy of the data or object to our processing.
Where technically feasible, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we can demonstrate compelling legitimate grounds that override your rights.
You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you. We do not engage in automated decision-making.
For matters relating to data protection and to exercise your GDPR rights, please contact us at [email protected].
We implement appropriate technical and organizational security measures to protect personal data, including:
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you without undue delay in accordance with GDPR requirements.
We primarily process data within the United Kingdom and European Economic Area. If we transfer personal data outside these regions, we ensure appropriate safeguards are in place as required by GDPR.
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce agreements. Specific retention periods vary based on data type and purpose.
When we engage third-party service providers to process personal data on our behalf, we ensure they provide sufficient guarantees regarding data protection and enter into appropriate data processing agreements.
To exercise any of your GDPR rights, please submit a written request to [email protected]. We will respond to your request within one month, though this period may be extended by two further months where necessary, taking into account the complexity and number of requests.
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection.
ICO Contact Information:
Website: ico.org.uk
Telephone: 0303 123 1113
We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. Significant updates will be communicated through our website.