UK GDPR

Theo Frayne 0 Comments October 23, 2024

UK GDPR Compliance

At Ocean's Reach Retreats, we are committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR). This page explains how we comply with your rights under UK GDPR, even though we do not store personal data through user registration or databases.

Scope and Applicability

This compliance page applies to all visitors to our website, oceansreachcroyde.co.uk. While we do not collect personal information through forms, accounts, or databases, we may process limited personal data automatically via cookies, web analytics, and server logs to improve site functionality and user experience. This processing is subject to UK GDPR requirements.

Your Rights Under UK GDPR

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of access: You may request confirmation of whether we process any of your personal data.
  • Right to rectification: You may request correction of inaccurate or incomplete data.
  • Right to erasure: You may request deletion of your personal data where applicable.
  • Right to restriction of processing: You may request we limit how your data is used.
  • Right to data portability: You may request a copy of your data in a structured, machine-readable format.
  • Right to object: You may object to processing based on legitimate interests, including profiling or analytics.

How We Comply

Although we do not maintain a user database, we ensure compliance by:

  • Using only necessary cookies with prior consent via our cookie banner.
  • Retaining server logs for a maximum of 30 days for security and troubleshooting.
  • Employing analytics tools configured to anonymise IP addresses.
  • Not selling, sharing, or disclosing personal data to third parties for commercial purposes.

Data We Process

The only personal data we may process includes:

  • IP addresses (anonymised via analytics tools)
  • Cookie identifiers (for session and preference management)
  • Browser and device information (for site optimisation)
  • Server logs (temporarily stored for security)

Legal Basis for Processing

We rely on the following lawful bases under UK GDPR:

  • Legitimate interests: To ensure website security, performance, and user experience.
  • Consent: For non-essential cookies, we obtain explicit consent before deployment.

How to Exercise Your Rights

To exercise any of your rights under UK GDPR, please contact us by email at [email protected]. Include your full name, the right you wish to exercise, and any relevant details (e.g., IP address or cookie ID if known). We will respond without undue delay.

Response Timeframes

We aim to respond to all requests within one calendar month. If your request is complex or numerous, we may extend this period by up to two additional months and will inform you within one month of receipt.

No Discrimination Policy

We will not deny you services, charge different prices, or provide a different quality of experience because you exercised your rights under UK GDPR.

Updates and Changes

We may update this page periodically to reflect changes in law or our practices. Any material changes will be posted here with an updated effective date.

Contact Information

If you have questions about this compliance page or wish to exercise your rights, please contact:

Theo Frayne
Tindalls Art & Graphics
4 Market Street
ELY
CB7 4LS
[email protected]

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection: ico.org.uk.