Your data protection rights under UK GDPR
volta-gleam is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take your privacy seriously and have implemented measures to ensure your personal data is processed lawfully, fairly, and transparently.
volta-gleam is the data controller for personal data collected through our website and services. This means we determine how and why your personal data is processed.
Contact details:
volta-gleam
42 Queens Road
Bristol BS8 1RE
United Kingdom
Email: [email protected]
We process your personal data under the following lawful bases:
Under the UK GDPR, you have the following rights:
You have the right to request a copy of the personal data we hold about you. This is commonly known as a Subject Access Request (SAR). We will respond to your request within one month.
You have the right to request that we correct any personal data we hold about you that is inaccurate or incomplete.
You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purpose it was collected.
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
You have the right to object to the processing of your personal data in certain circumstances, including processing for direct marketing purposes.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or significantly affects you.
To exercise any of these rights, please contact us at [email protected]. We may ask you to verify your identity before fulfilling your request. We will respond to your request within one month, although we may extend this period by up to two months for complex requests.
We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours of becoming aware of the breach. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.
We do not routinely transfer personal data outside the UK. If we do transfer data internationally, we will ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK Government.
As an organisation providing educational services to children, we take particular care when processing children's data. We collect information about children only from their parents or guardians and implement additional safeguards to protect this sensitive information.
If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Website: ico.org.uk
We may update this GDPR information from time to time. Any changes will be posted on this page with an updated revision date.