GDPR Compliance

Our Commitment to Data Protection

Amethyst Moor Ltd is committed to ensuring that your privacy is protected in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page explains your rights and how we handle your personal data.

Data Controller

Amethyst Moor Ltd is the data controller for personal information collected through this website and our services. This means we are responsible for deciding how we hold and use personal information about you.

Contact details:

Amethyst Moor Ltd
14 Westbury Court
Bristol BS8 4JT
United Kingdom

Email: [email protected]

Your Rights Under UK GDPR

Under data protection law, you have rights including:

Right of Access

You have the right to request a copy of the personal information we hold about you. This is commonly known as a "subject access request". We will respond to your request within one month.

Right to Rectification

You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete information you believe is incomplete.

Right to Erasure

You have the right to request that we erase your personal data in certain circumstances, such as when the data is no longer necessary for the purpose it was collected or you withdraw consent.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to request that we transfer the data we have collected to another organisation, or directly to you, in a structured, commonly used, machine-readable format.

Right to Object

You have the right to object to processing of your personal data in certain circumstances, including processing for direct marketing purposes.

Rights Related to Automated Decision Making

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: [email protected]

We may need to request specific information from you to confirm your identity and ensure your right to access your personal data. This is a security measure to ensure personal data is not disclosed to any person who has no right to receive it.

We will respond to all legitimate requests within one month. Occasionally, it may take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Lawful Basis for Processing

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• Performance of contract: Where we need to perform the contract we are about to enter into or have entered into with you
• Legitimate interests: Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests
• Legal obligation: Where we need to comply with a legal obligation
• Consent: Where you have given us specific consent to process your data for a particular purpose

Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. We limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know.

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process your personal data, and whether we can achieve those purposes through other means.

International Transfers

We do not routinely transfer personal data outside the United Kingdom. If we do need to transfer data internationally, we will ensure appropriate safeguards are in place.

Complaints

If you have any concerns about our use of your personal information, you can make a complaint to us using the contact details above.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF

Changes to This Information

We may update this GDPR compliance information from time to time. Any changes will be posted on this page with an updated revision date.