Your rights under the UK General Data Protection Regulation
Last updated: January 2024
mirage-rider is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take the protection of your personal data seriously and have implemented appropriate measures to ensure your information is handled lawfully, fairly, and transparently.
For the purposes of the UK GDPR, the data controller is:
mirage-rider
47 Willow Gardens
Reading, Berkshire
RG1 4PQ
United Kingdom
Email: [email protected]
As a data subject, you have the following rights:
You have the right to receive clear, transparent information about how we use your personal data. Our Privacy Policy and this GDPR page provide this information.
You have the right to obtain confirmation that your data is being processed and to access your personal data. You may request a copy of the personal information we hold about you at no charge.
You have the right to have inaccurate personal data corrected or completed if it is incomplete. We aim to update records within 30 days of receiving a valid request.
Also known as the right to be forgotten, you may request deletion of your personal data in certain circumstances, including when the data is no longer necessary for its original purpose or when you withdraw consent.
You have the right to request that we limit how we use your personal data in certain circumstances, such as when you contest the accuracy of the data or object to our processing.
You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller without hindrance.
You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we can demonstrate compelling legitimate grounds.
You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not currently use automated decision-making systems that affect you in this manner.
We process personal data under the following lawful bases:
We implement appropriate technical and organisational measures to protect personal data, including:
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Our standard retention period for client records is seven years from the date of your last interaction with us, unless legal obligations require longer retention.
When we transfer personal data outside the UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the Information Commissioner's Office, to protect your data.
To exercise any of your GDPR rights, please contact us in writing at the address above or via email. We will respond to valid requests within one month. In complex cases, we may extend this period by a further two months, in which case we will inform you of the extension and the reasons for it.
We may need to verify your identity before processing your request. There is no fee for exercising your rights, unless requests are manifestly unfounded or excessive.
If you are dissatisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Website: ico.org.uk
We encourage you to contact us first so we can attempt to resolve your concerns directly.
We may update this GDPR information periodically. Any changes will be posted on this page with an updated revision date.