We are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. This page provides detailed information about your rights and our obligations under these regulations.
For the purposes of data protection legislation, the data controller is:
cryptic-rover
Unit 47, Riverside Industrial Estate
Collington Way
Manchester M15 4PR
United Kingdom
You have the right to request copies of your personal data. We may charge a reasonable fee for multiple copies or manifestly unfounded requests. We will respond to access requests within one month of receipt.
You have the right to request correction of inaccurate personal data or completion of incomplete personal data. We will make corrections within one month and notify any third parties with whom we shared the data.
You may request deletion of your personal data in the following circumstances:
This right is not absolute and may be limited by our legal obligations to retain certain records.
You may request restriction of processing when:
Where processing is based on consent or contract performance and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.
You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects or similarly significantly affect you. We do not currently employ automated decision-making processes.
To exercise any of your data protection rights, please submit a request to [email protected] with the following information:
We will respond to your request within one month. In complex cases, this period may be extended by two additional months, about which we will inform you within the initial month.
We process personal data in accordance with the following principles:
We process personal data under the following lawful bases:
We implement appropriate technical and organizational measures including:
In the event of a personal data breach likely to result in high risk to your rights and freedoms, we will notify you without undue delay. We will also notify the Information Commissioner's Office within 72 hours of becoming aware of the breach, where required by law.
We primarily process data within the United Kingdom and European Economic Area. Any transfers to third countries will be conducted in accordance with GDPR requirements, using appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.
For questions regarding our data protection practices or to exercise your rights, contact our data protection representative at [email protected].
If you believe we have not handled your personal data appropriately, you have the right to lodge a complaint with the supervisory authority:
Information Commissioner's Office (ICO)
Website: ico.org.uk
Helpline: 0303 123 1113
We may update this GDPR compliance notice to reflect changes in our practices or legal requirements. Significant changes will be communicated through prominent notice on our website.