Your data protection rights under UK GDPR
twilight-vistas is fully committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We respect your privacy and are dedicated to protecting your personal data.
twilight-vistas is the data controller for personal information collected through our website and services. This means we determine the purposes and means of processing your personal data.
Contact Details:
Email: [email protected]
Address: The Innovation Hub, 47 Wellington Street, Leeds, LS1 4JF
The UK GDPR provides you with specific rights regarding your personal data:
You have the right to know how your personal data is being used. Our Privacy Policy and this GDPR page provide this information clearly and transparently.
You can request a copy of the personal data we hold about you. This is commonly known as a Subject Access Request (SAR). We will respond to valid requests within one month.
If any personal data we hold about you is inaccurate or incomplete, you have the right to have it corrected. Contact us to update your information.
Also known as the "right to be forgotten", you can request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purpose it was collected.
You can request that we limit how we use your personal data in certain situations, such as while we verify the accuracy of data you have disputed.
You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.
You can object to the processing of your personal data in certain circumstances, including processing for direct marketing purposes.
You have rights in relation to automated decision-making and profiling. We do not currently use automated decision-making that produces legal or similarly significant effects.
To exercise any of your data protection rights, please contact us:
We will respond to your request within one month. In complex cases, we may extend this by a further two months, but we will inform you if this is necessary.
We only process personal data when we have a lawful basis to do so. Our lawful bases include:
As an organisation that works with children, we take extra care to protect their data. We implement enhanced safeguards for children's personal information, including:
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.
We primarily store and process data within the United Kingdom. If we transfer data outside the UK, we ensure appropriate safeguards are in place to protect your data in accordance with UK GDPR requirements.
If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Website: ico.org.uk
We would appreciate the opportunity to resolve any concerns before you contact the ICO, so please reach out to us first.
We may update this GDPR compliance information from time to time. Any changes will be posted on this page. We recommend checking back periodically for updates.
Last updated: January 2024