GDPR Compliance

Our commitment to protecting your data rights

Our Commitment to Data Protection

AlbiovordTechPro is fully committed to compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take your data rights seriously and have implemented comprehensive measures to ensure your personal information is processed lawfully, fairly, and transparently.

Data Controller Information

AlbiovordTechPro acts as the data controller for personal information collected through our website and services. Our contact details are:

AlbiovordTechPro
142 Kensington High Street
Kensington, London W8 7RL
United Kingdom
Email: [email protected]

Principles of Data Processing

We adhere to the following data protection principles when processing your personal information:

  • Lawfulness, fairness, and transparency: We process data legally, fairly, and in a transparent manner
  • Purpose limitation: We collect data for specified, explicit, and legitimate purposes only
  • Data minimization: We collect only data that is adequate, relevant, and limited to what is necessary
  • Accuracy: We take reasonable steps to ensure personal data is accurate and kept up to date
  • Storage limitation: We retain data only for as long as necessary for the purposes collected
  • Integrity and confidentiality: We process data securely with appropriate technical and organizational measures
  • Accountability: We can demonstrate compliance with these principles

Legal Basis for Processing

We only process your personal data when we have a valid legal basis. The legal bases we rely on include:

Consent

When you provide explicit consent for us to process your data for specific purposes, such as receiving marketing communications. You can withdraw consent at any time by contacting us.

Contractual Necessity

Processing necessary to perform our contract with you or to take steps at your request before entering into a contract.

Legal Obligation

Processing required to comply with legal obligations, such as maintaining records for tax purposes or responding to lawful requests from authorities.

Legitimate Interests

Processing necessary for our legitimate business interests or those of a third party, provided your interests and fundamental rights do not override those interests. We conduct legitimate interest assessments to ensure balance between our needs and your rights.

Your Data Protection Rights

Under GDPR, you have the following rights regarding your personal data:

Right to Be Informed

You have the right to clear, transparent information about how we use your personal data. This information is provided through our Privacy Policy and this GDPR statement.

Right of Access

You can request access to your personal data and receive a copy of the information we hold about you. We will provide this within one month of your request, free of charge in most cases.

Right to Rectification

If personal data we hold about you is inaccurate or incomplete, you can request that we correct or complete it. We will respond to rectification requests within one month.

Right to Erasure

Also known as the "right to be forgotten," you can request deletion of your personal data in certain circumstances, including:

  • The data is no longer necessary for the purpose it was collected
  • You withdraw consent on which processing is based
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed
  • The data must be erased to comply with a legal obligation

This right is not absolute and may not apply if we need to retain data for legal obligations or to establish, exercise, or defend legal claims.

Right to Restrict Processing

You can request restriction of processing in specific situations, such as when you contest the accuracy of data or object to processing. During restriction, we can store the data but not use it without your consent, except for legal claims or to protect another person's rights.

Right to Data Portability

You can request a copy of your personal data in a structured, commonly used, and machine-readable format. You can also request that we transmit this data directly to another controller where technically feasible.

Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes. If you object to direct marketing, we will stop processing your data for that purpose immediately.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produces legal effects or similarly significant effects. We do not currently use automated decision-making processes that would trigger this right.

How to Exercise Your Rights

To exercise any of your data protection rights, contact us using the details provided above. When making a request, please:

  • Provide sufficient information to identify yourself
  • Specify which right you wish to exercise
  • Include any relevant details to help us locate your data

We will respond to your request within one month. In complex cases or if we receive multiple requests, we may extend this period by two months and will inform you of any extension.

We do not charge a fee for most requests. However, if requests are manifestly unfounded, excessive, or repetitive, we may charge a reasonable fee or refuse to act on the request.

Data Security Measures

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized or unlawful processing and against accidental loss, destruction, or damage. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls limiting who can view personal data
  • Staff training on data protection and security practices
  • Secure backup and disaster recovery procedures
  • Incident response procedures for data breaches

Data Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify you without undue delay and within 72 hours of becoming aware of the breach. The notification will describe:

  • The nature of the breach
  • The categories and approximate number of data subjects affected
  • The likely consequences of the breach
  • The measures we have taken or propose to take to address the breach
  • Contact details for obtaining further information

Third-Party Processing

When we engage third parties to process personal data on our behalf, we ensure they:

  • Process data only according to our documented instructions
  • Maintain appropriate security measures
  • Comply with GDPR requirements
  • Enter into data processing agreements with us

International Transfers

We primarily store and process data within the United Kingdom. If we transfer personal data outside the UK, we ensure adequate safeguards are in place, such as:

  • Transfers to countries with adequacy decisions
  • Standard contractual clauses approved by the ICO
  • Binding corporate rules
  • Other appropriate safeguards recognized under data protection law

Data Protection Impact Assessments

We conduct Data Protection Impact Assessments (DPIAs) when processing activities are likely to result in high risks to your rights and freedoms. These assessments help us identify and minimize data protection risks.

Children's Data

Our services are not directed at children under 18. We do not knowingly collect or process personal data from children. If we become aware that we have collected data from a child without appropriate consent, we will delete it promptly.

Complaints and Concerns

If you have concerns about how we handle your personal data, please contact us first so we can address your concerns. If you remain dissatisfied, you have the right to lodge a complaint with the supervisory authority:

Information Commissioner's Office (ICO)
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Telephone: 0303 123 1113
Website: www.ico.org.uk

Updates to This Statement

We may update this GDPR compliance statement periodically to reflect changes in our practices or legal requirements. The date at the top of this page indicates when it was last updated. We encourage you to review this statement regularly.

Further Information

For more detailed information about how we process your data, please refer to our Privacy Policy. If you have specific questions about GDPR compliance or data protection, contact our data protection team using the details provided above.