GDPR Compliance

Our commitment to protecting your data under the General Data Protection Regulation

Data Controller Information

For the purposes of the General Data Protection Regulation (GDPR), the data controller is:

shard-language
42 Windermere Street
Manchester M14 6LD
United Kingdom
Email: [email protected]

Your Rights Under GDPR

As a data subject, you have the following rights under GDPR:

Right to Access

You have the right to request copies of your personal data. We may charge a reasonable fee for additional copies beyond the first request.

Right to Rectification

You have the right to request correction of any information you believe is inaccurate or incomplete.

Right to Erasure

You have the right to request deletion of your personal data under certain conditions, including when the data is no longer necessary for the purposes it was collected.

Right to Restrict Processing

You have the right to request restriction of processing your personal data under certain conditions, such as when you contest the accuracy of the data.

Right to Object

You have the right to object to our processing of your personal data under certain conditions, particularly for direct marketing purposes.

Right to Data Portability

You have the right to request transfer of your data to another organisation or directly to you in a structured, commonly used, machine-readable format.

Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw consent at any time. This does not affect the lawfulness of processing based on consent before withdrawal.

Exercising Your Rights

To exercise any of these rights, please contact us at [email protected] with the following information:

We will respond to your request within one month. In complex cases, we may extend this period by two additional months and will inform you of any such extension.

Lawful Basis for Processing

We process your personal data under the following lawful bases:

Data Security Measures

We implement appropriate technical and organisational measures to ensure data security, including:

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach poses a high risk, we will also notify affected individuals without undue delay.

International Data Transfers

We primarily process data within the United Kingdom. If data is transferred outside the UK or European Economic Area, we ensure appropriate safeguards are in place, such as standard contractual clauses or adequacy decisions.

Children's Privacy

Our services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us immediately.

Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects individuals.

Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the supervisory authority:

Information Commissioner's Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
United Kingdom
Website: ico.org.uk

Updates to This Notice

We may update this GDPR compliance notice periodically to reflect changes in our practices or legal requirements. The latest version will always be available on this page with the revision date displayed.

We use cookies to improve your experience on our website. By continuing to browse, you agree to our use of cookies. Read our Cookie Policy for more information.