GDPR Compliance Statement

Last Updated: May 14, 2026

Our Commitment to GDPR

shady-glade is committed to full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take your privacy rights seriously and have implemented comprehensive measures to protect your personal data.

Data Controller Information

shady-glade acts as the data controller for personal information collected through our website and services.

Contact Details:
Email: [email protected]
Address: 127 Stranmillis Road, Belfast, BT9 5AG, United Kingdom

Lawful Basis for Processing

We process personal data only when we have a lawful basis under GDPR Article 6:

Your GDPR Rights

Under UK GDPR, you have the following rights regarding your personal data:

Right to Access (Article 15)

You can request a copy of the personal data we hold about you. We will provide this information free of charge within one month of your request.

Right to Rectification (Article 16)

If your personal data is inaccurate or incomplete, you have the right to have it corrected or completed.

Right to Erasure (Article 17)

Also known as the "right to be forgotten," you can request deletion of your personal data in certain circumstances.

Right to Restrict Processing (Article 18)

You can request that we limit how we use your data in specific situations.

Right to Data Portability (Article 20)

You can request a copy of your data in a structured, commonly used, machine-readable format for transfer to another provider.

Right to Object (Article 21)

You can object to processing based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision-Making (Article 22)

We do not use automated decision-making or profiling that produces legal or similarly significant effects.

How to Exercise Your Rights

To exercise any of your GDPR rights, contact us at [email protected]. We will respond to your request within one month, or inform you if we need additional time.

We may need to verify your identity before processing certain requests to protect your personal information.

Data Protection Measures

We implement appropriate technical and organizational security measures including:

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the Information Commissioner's Office (ICO) within 72 hours as required by GDPR Article 33.

International Data Transfers

We primarily process data within the United Kingdom. If data is transferred internationally, we ensure appropriate safeguards are in place as required by GDPR Chapter V.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations. Specific retention periods include:

Children's Data

When processing data relating to children, we take extra care to ensure protection of their rights. We obtain parental consent where required and implement age-appropriate safeguards.

Complaints and Supervisory Authority

If you believe we have not complied with GDPR requirements, you have the right to lodge a complaint with the supervisory authority:

Information Commissioner's Office (ICO)
Website: ico.org.uk
Telephone: 0303 123 1113

Updates to This Statement

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. The "Last Updated" date at the top indicates the most recent revision.

Questions and Concerns

For any questions about our GDPR compliance or data protection practices, please contact us at [email protected]