Information on this site is advertising in nature Serving the United Kingdom

GDPR Compliance

Information about your data protection rights under UK GDPR.

Last updated: January 2024

Our Commitment to Data Protection

beige-cliff is committed to protecting your personal data and respecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This page provides information about how we comply with data protection legislation and explains your rights as a data subject.

Data Controller

beige-cliff is the data controller responsible for your personal data collected through this website and during the provision of our services.

Contact details:

beige-cliff
47 Oakwood Lane
Guildford, Surrey
GU2 7PX
United Kingdom

Email: [email protected]

What Personal Data We Process

In the course of our business activities, we may process the following categories of personal data:

  • Identity Data: First name, last name
  • Contact Data: Email address, postal address
  • Service Data: Information about your property and service requirements
  • Technical Data: IP address, browser type, operating system
  • Usage Data: Information about how you use our website
  • Communication Data: Records of correspondence with us

Legal Basis for Processing

We will only process your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Performance of Contract: Where we need to process your data to perform a contract we have entered into with you, or to take steps at your request before entering into such a contract.
  • Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Legal Obligation: Where we need to comply with a legal obligation.
  • Consent: Where you have given consent to the processing of your personal data for one or more specific purposes.

Your Rights Under UK GDPR

Under UK GDPR, you have the following rights regarding your personal data:

Right to Be Informed

You have the right to be informed about the collection and use of your personal data. This information is provided through this page and our Privacy Policy.

Right of Access

You have the right to request a copy of the personal data we hold about you. This is commonly known as a Subject Access Request (SAR).

Right to Rectification

You have the right to have inaccurate personal data rectified, or completed if it is incomplete.

Right to Erasure

You have the right to request the deletion or removal of personal data where there is no compelling reason for its continued processing. This is also known as the "right to be forgotten".

Right to Restrict Processing

You have the right to request the restriction or suppression of your personal data in certain circumstances.

Right to Data Portability

You have the right to obtain and reuse your personal data for your own purposes across different services.

Right to Object

You have the right to object to the processing of your personal data in certain circumstances, including processing for direct marketing purposes.

Rights Related to Automated Decision Making

You have rights related to automated decision making and profiling. We do not currently use automated decision making that has legal or similarly significant effects.

How to Exercise Your Rights

If you wish to exercise any of the rights set out above, please contact us using the details provided. We will respond to your request within one month. In some cases, we may need to verify your identity before processing your request.

There is no fee for making a request, though we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

Data Security

We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk of processing your personal data. These measures are designed to protect against unauthorised or unlawful processing and against accidental loss, destruction, or damage.

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process your data, and the applicable legal requirements.

International Transfers

We do not routinely transfer personal data outside the United Kingdom. Should any transfer be necessary, we will ensure appropriate safeguards are in place to protect your personal data.

Complaints

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF

Website: www.ico.org.uk

We would appreciate the opportunity to address your concerns before you approach the ICO, so please contact us in the first instance.

Changes to This Information

We may update this GDPR information from time to time. Any changes will be posted on this page with an updated revision date.