GDPR Compliance

We are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. This page provides detailed information about your rights and our obligations under these regulations.

Data Controller Information

For the purposes of data protection legislation, the data controller is:

cryptic-rover
Unit 47, Riverside Industrial Estate
Collington Way
Manchester M15 4PR
United Kingdom

Your Data Protection Rights

Right of Access

You have the right to request copies of your personal data. We may charge a reasonable fee for multiple copies or manifestly unfounded requests. We will respond to access requests within one month of receipt.

Right to Rectification

You have the right to request correction of inaccurate personal data or completion of incomplete personal data. We will make corrections within one month and notify any third parties with whom we shared the data.

Right to Erasure

You may request deletion of your personal data in the following circumstances:

This right is not absolute and may be limited by our legal obligations to retain certain records.

Right to Restriction of Processing

You may request restriction of processing when:

Right to Data Portability

Where processing is based on consent or contract performance and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.

Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects or similarly significantly affect you. We do not currently employ automated decision-making processes.

Exercising Your Rights

To exercise any of your data protection rights, please submit a request to [email protected] with the following information:

We will respond to your request within one month. In complex cases, this period may be extended by two additional months, about which we will inform you within the initial month.

Data Processing Principles

We process personal data in accordance with the following principles:

Lawful Basis for Processing

We process personal data under the following lawful bases:

Data Security Measures

We implement appropriate technical and organizational measures including:

Data Breach Notification

In the event of a personal data breach likely to result in high risk to your rights and freedoms, we will notify you without undue delay. We will also notify the Information Commissioner's Office within 72 hours of becoming aware of the breach, where required by law.

International Data Transfers

We primarily process data within the United Kingdom and European Economic Area. Any transfers to third countries will be conducted in accordance with GDPR requirements, using appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

Data Protection Officer

For questions regarding our data protection practices or to exercise your rights, contact our data protection representative at [email protected].

Complaints

If you believe we have not handled your personal data appropriately, you have the right to lodge a complaint with the supervisory authority:

Information Commissioner's Office (ICO)
Website: ico.org.uk
Helpline: 0303 123 1113

Changes to This Notice

We may update this GDPR compliance notice to reflect changes in our practices or legal requirements. Significant changes will be communicated through prominent notice on our website.