Advertisement

GDPR Information

Your Data Protection Rights Under GDPR

Data Controller

For the purposes of data protection legislation, reef-stoat acts as the data controller for personal information collected through this website. Our contact details are provided at the bottom of this page.

Legal Basis for Processing

We process personal data on the following legal bases:

  • Contractual Necessity: Processing is necessary to respond to service requests and provide contracted services
  • Legitimate Interests: We have legitimate business interests in maintaining customer records and communicating about active projects
  • Consent: Where applicable, you have provided explicit consent for specific processing activities

Your Rights Under GDPR

Under the General Data Protection Regulation, you have the following rights:

Right to Access

You have the right to request copies of your personal data. We may charge a reasonable fee for additional copies beyond the first request.

Right to Rectification

You have the right to request correction of any information you believe is inaccurate or completion of information you believe is incomplete.

Right to Erasure

You have the right to request deletion of your personal data under certain conditions, such as when the data is no longer necessary for the purposes for which it was collected.

Right to Restrict Processing

You have the right to request restriction of processing your personal data under certain conditions.

Right to Data Portability

You have the right to request transfer of your data to another organization or directly to you in a structured, commonly used, machine-readable format.

Right to Object

You have the right to object to processing of your personal data where we rely on legitimate interests as the legal basis for processing.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in our privacy policy, comply with legal obligations, resolve disputes, and enforce agreements. Service enquiry data is typically retained for up to 24 months following the conclusion of services.

Data Security

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including encryption, access controls, and regular security assessments.

International Data Transfers

Personal data collected through this website is stored and processed within the United Kingdom. We do not transfer personal data outside the UK or European Economic Area.

Exercising Your Rights

To exercise any of the rights described above, please contact us at [email protected]. We will respond to your request within one month of receipt. If your request is complex or we have received multiple requests, we may extend this period by a further two months and will notify you accordingly.

Right to Lodge a Complaint

If you believe we have not handled your personal data appropriately, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.

Contact Information

For questions regarding GDPR compliance or to exercise your data protection rights, please contact us at [email protected].