Our commitment to protecting your data rights under the General Data Protection Regulation
Last updated: January 2024
The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. Although the United Kingdom has left the EU, the UK GDPR (as incorporated into UK law) continues to apply, maintaining equivalent protections.
atoll-ibex is committed to ensuring that your privacy is protected and that we comply with all applicable data protection laws, including the UK GDPR and the Data Protection Act 2018. We take our responsibilities regarding your personal data seriously and have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk.
For the purposes of the UK GDPR, atoll-ibex is the data controller. This means we determine the purposes and means of processing your personal data.
Contact details:
atoll-ibex
14 Westgate Business Park
Northampton, NN5 7QP
United Kingdom
Email: [email protected]
Under the UK GDPR, you have the following rights regarding your personal data:
You have the right to be informed about how we collect and use your personal data. This information is provided in our Privacy Policy and this GDPR statement.
You have the right to request a copy of the personal data we hold about you. This is commonly known as a "subject access request". We will respond to your request within one month of receipt.
You have the right to request that we correct any inaccurate personal data we hold about you. You also have the right to have incomplete data completed.
You have the right to request the deletion of your personal data in certain circumstances, including where the data is no longer necessary for the purpose for which it was collected, or where you withdraw your consent.
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as while we verify the accuracy of data you have contested.
Where we process your personal data based on your consent or for the performance of a contract, you have the right to receive your data in a structured, commonly used, and machine-readable format.
You have the right to object to the processing of your personal data in certain circumstances, including where we process data based on legitimate interests.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
If you wish to exercise any of these rights, please contact us using the details provided above. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data or to exercise any of your other rights.
We will respond to all legitimate requests within one month. Occasionally, it may take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We process personal data for the following purposes:
We rely on the following legal bases for processing your personal data:
We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risks presented by processing personal data. These measures are designed to protect against unauthorised or unlawful processing and against accidental loss, destruction, or damage.
If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire, SK9 5AF
Website: ico.org.uk
We may update this GDPR statement from time to time. Any changes will be posted on this page with an updated revision date.