This site contains commercial information

GDPR Compliance

Your data protection rights under UK GDPR

Our Commitment to Data Protection

sheen-flare is committed to complying with the UK General Data Protection Regulation and the Data Protection Act 2018. This page explains how we uphold your data protection rights.

Data Controller

sheen-flare acts as the data controller for personal information collected through our website and services. We are responsible for ensuring your data is processed lawfully, fairly, and transparently.

Your Rights Under UK GDPR

Right to Be Informed

You have the right to clear, transparent information about how we use your personal data. This information is provided in our Privacy Policy and this GDPR statement.

Right of Access

You have the right to access your personal data and receive information about how we process it. You may request a copy of the personal information we hold about you.

Right to Rectification

If your personal data is inaccurate or incomplete, you have the right to have it corrected or completed.

Right to Erasure

Also known as the "right to be forgotten," you can request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purpose it was collected.

Right to Restrict Processing

You have the right to request that we restrict processing of your personal data in certain situations, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller.

Right to Object

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision Making

You have rights regarding automated decision-making and profiling. We do not currently use automated decision-making processes that produce legal or similarly significant effects.

How to Exercise Your Rights

To exercise any of your data protection rights, please contact us at:

Email: [email protected]
Address: 42 Kensington High Street, London, W8 4PF, United Kingdom

We will respond to your request within one month. In complex cases, we may extend this period by two additional months and will inform you of the extension.

Lawful Basis for Processing

We process your personal data based on one or more of the following lawful bases:

  • Consent: You have given clear consent for us to process your personal data for a specific purpose
  • Contract: Processing is necessary to fulfill a contract with you or to take steps at your request before entering into a contract
  • Legal obligation: Processing is necessary to comply with the law
  • Legitimate interests: Processing is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests

Data Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Staff training on data protection
  • Regular backups and disaster recovery procedures

Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach poses a high risk to you, we will also notify you directly.

International Data Transfers

We primarily process data within the United Kingdom. If we transfer your data outside the UK, we ensure appropriate safeguards are in place, such as standard contractual clauses or adequacy decisions.

Data Protection Officer

For questions regarding data protection or to exercise your rights, you may contact our data protection contact at [email protected].

Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with UK GDPR, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Telephone: 0303 123 1113
Website: www.ico.org.uk

Updates to This Statement

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. Significant changes will be communicated through our website.