GDPR Compliance
Your data protection rights under UK GDPR
cosmic-bear is committed to protecting your personal data and respecting your privacy. This page explains how we comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Data Controller
cosmic-bear is the data controller responsible for your personal data. If you have any questions about how we handle your data, contact us at:
cosmic-bear
47 Marchmont Street
London WC1N 1AP
United Kingdom
Email: [email protected]
Lawful Basis for Processing
We process your personal data based on the following lawful bases:
- Consent: Where you have given clear consent for us to process your personal data for a specific purpose
- Contract: Where processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
- Legitimate interests: Where processing is necessary for our legitimate interests or the legitimate interests of a third party, provided your interests and fundamental rights do not override those interests
- Legal obligation: Where processing is necessary to comply with the law
Your Rights Under UK GDPR
Under UK GDPR, you have the following rights:
Right to Access
You have the right to request copies of your personal data. We may charge a small fee for this service if your request is unfounded or excessive.
Right to Rectification
You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
Right to Erasure
You have the right to request that we erase your personal data under certain conditions, such as when the data is no longer necessary for the purpose it was collected.
Right to Restrict Processing
You have the right to request that we restrict the processing of your personal data under certain conditions.
Right to Object
You have the right to object to our processing of your personal data under certain conditions, particularly where we are processing based on legitimate interests.
Right to Data Portability
You have the right to request that we transfer the data we have collected to another organisation, or directly to you, under certain conditions.
Exercising Your Rights
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month. If your request is complex or you have made multiple requests, we may extend this period by a further two months, in which case we will inform you.
Data Transfers
We do not routinely transfer personal data outside the United Kingdom. If we do transfer data internationally, we ensure appropriate safeguards are in place to protect your information in compliance with UK GDPR requirements.
Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Our retention periods are based on:
- The nature of the data and the purpose of processing
- Legal and regulatory requirements
- Operational needs
- Industry practices
Security Measures
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
- Encryption of personal data where appropriate
- Regular testing and evaluation of security measures
- Staff training on data protection
- Access controls limiting who can view personal data
Data Breaches
In the event of a personal data breach, we will notify the Information Commissioner's Office within 72 hours where the breach is likely to result in a risk to individuals' rights and freedoms. Where the breach is likely to result in a high risk, we will also notify affected individuals directly.
Complaints
If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Website: ico.org.uk
Updates to This Information
We may update this page from time to time to reflect changes in our practices or legal requirements. We encourage you to review this page periodically.