GDPR Compliance
Our commitment to data protection under the General Data Protection Regulation
Our Commitment to GDPR
velvet-stoat is fully committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. As a cybersecurity consultancy, we understand the critical importance of protecting personal data and upholding the privacy rights of individuals.
Data Controller Information
velvet-stoat acts as the data controller for personal information collected through our website and during our business operations. Our contact details are:
velvet-stoat
71-75 Shelton Street
Covent Garden
London WC2H 9JQ
United Kingdom
Email: [email protected]
Your Data Protection Rights
Under the UK GDPR, you have the following rights regarding your personal data:
Right to Access
You have the right to request a copy of the personal data we hold about you. We will provide this information free of charge within one month of receiving your request.
Right to Rectification
If you believe that any personal data we hold about you is inaccurate or incomplete, you have the right to request correction. We will respond to such requests within one month.
Right to Erasure
You have the right to request deletion of your personal data in certain circumstances, including when the data is no longer necessary for the purpose for which it was collected, or when you withdraw consent where consent was the legal basis for processing.
Right to Restrict Processing
You may request that we limit the processing of your personal data in specific situations, such as when you contest the accuracy of the data or object to processing based on legitimate interests.
Right to Data Portability
Where processing is based on consent or contract and carried out by automated means, you have the right to receive your personal data in a structured, commonly used, machine-readable format.
Right to Object
You have the right to object to processing of your personal data where we rely on legitimate interests as the legal basis. We will cease processing unless we can demonstrate compelling legitimate grounds.
Rights Related to Automated Decision Making
You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects or similarly significantly affect you.
Exercising Your Rights
To exercise any of these rights, please contact us at [email protected]. We may need to verify your identity before processing your request. We will respond to all legitimate requests within one month, though this period may be extended by two further months for complex requests.
Data Protection Principles
We adhere to the following data protection principles:
- Lawfulness, fairness and transparency: We process data lawfully, fairly, and in a transparent manner
- Purpose limitation: We collect data for specified, explicit, and legitimate purposes
- Data minimisation: We collect only data that is adequate, relevant, and limited to what is necessary
- Accuracy: We take reasonable steps to ensure personal data is accurate and kept up to date
- Storage limitation: We retain personal data only for as long as necessary
- Integrity and confidentiality: We process data securely with appropriate technical and organisational measures
- Accountability: We take responsibility for demonstrating compliance
Data Security Measures
As a cybersecurity firm, we implement robust technical and organisational measures to protect personal data, including:
- Encryption of data in transit and at rest
- Access controls and authentication mechanisms
- Regular security assessments and vulnerability testing
- Staff training on data protection and security
- Incident response procedures for potential data breaches
Data Breach Notification
In the event of a personal data breach that poses a risk to individuals' rights and freedoms, we will notify the Information Commissioner's Office within 72 hours of becoming aware of the breach. Where the breach is likely to result in a high risk to individuals, we will also notify affected individuals without undue delay.
Complaints
If you have concerns about how we handle your personal data, we encourage you to contact us first at [email protected]. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Website: ico.org.uk
Updates to This Information
We may update this GDPR compliance information periodically to reflect changes in our practices or applicable regulations. The most current version will always be available on our website.