GDPR & Data Protection
Last Updated: January 2025
PoundSpinRadar is committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Data Controller
PoundSpinRadar acts as the data controller for the personal information we collect and process. We are responsible for ensuring your data is handled lawfully, fairly, and transparently.
Your Rights Under UK GDPR
Under UK data protection law, you have the following rights regarding your personal data:
1. Right to Be Informed
You have the right to be informed about how we collect and use your personal data. This information is provided in our Privacy Policy.
2. Right of Access
You have the right to request a copy of the personal data we hold about you, free of charge. We will respond to your request within one month.
How to exercise: Email us at privacy@poundspinradar.co.uk with your request.
3. Right to Rectification
You have the right to have inaccurate personal data corrected or completed if it is incomplete.
How to exercise: Contact us with details of the correction needed.
4. Right to Erasure (Right to be Forgotten)
You have the right to request deletion of your personal data in certain circumstances, including:
- The data is no longer necessary for the purpose it was collected
- You withdraw consent and there is no other legal basis for processing
- You object to processing and there are no overriding legitimate grounds
- The data has been unlawfully processed
5. Right to Restrict Processing
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
6. Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
7. Right to Object
You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.
Direct Marketing: You can unsubscribe from marketing emails at any time using the unsubscribe link in our emails.
8. Rights Related to Automated Decision Making
You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.
Note: We do not engage in automated decision-making or profiling.
How We Process Your Data
Legal Basis for Processing
We process your personal data under the following legal bases:
| Purpose | Legal Basis |
|---|---|
| Website analytics | Legitimate interests |
| Marketing communications | Consent |
| Responding to inquiries | Legitimate interests |
| Legal compliance | Legal obligation |
Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law:
- Analytics data: Retained for 26 months
- Email communications: Retained until you unsubscribe
- Inquiry records: Retained for 3 years
- Legal compliance records: As required by law
Data Security
We implement appropriate technical and organizational measures to protect your personal data:
- SSL/TLS encryption for data in transit
- Secure hosting infrastructure
- Access controls and authentication
- Regular security assessments
- Staff training on data protection
Data Breaches
In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will:
- Notify the Information Commissioner's Office within 72 hours
- Inform affected individuals without undue delay
- Document the breach and our response
- Take measures to prevent future breaches
Third-Party Data Sharing
We may share your data with:
- Service Providers: Hosting, analytics, email services (under data processing agreements)
- Legal Authorities: When required by law
- Business Transfers: In the event of a merger or acquisition
We do not sell your personal data to third parties.
International Data Transfers
If we transfer your data outside the UK, we ensure adequate protection through:
- UK adequacy decisions
- Standard contractual clauses
- Binding corporate rules
How to Exercise Your Rights
To exercise any of your data protection rights, please contact us:
Email: privacy@poundspinradar.co.uk
Subject Line: GDPR Rights Request
Include: Your name, contact details, and a description of your request
We will respond to your request within one month. This period may be extended by two months where requests are complex or numerous.
Right to Lodge a Complaint
If you believe we have not handled your personal data in accordance with UK data protection law, you have the right to lodge a complaint with the supervisory authority:
Information Commissioner's Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Updates to This Notice
We may update this GDPR notice from time to time. We will notify you of any significant changes by posting the updated notice on our website.
Contact Information
For any questions regarding GDPR or data protection, please contact: