Your data protection rights explained
Last updated: January 2024
Garnet Glacier Ltd is fully committed to compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take the protection of your personal data seriously and have implemented appropriate measures to ensure your information is handled lawfully, fairly, and transparently.
Garnet Glacier Ltd acts as the data controller for personal information collected through our website and in the course of providing our ecological consulting services.
Data Controller: Garnet Glacier Ltd
Address: 47 Greenfield Lane, Cambridge, CB2 1TN, United Kingdom
Email: [email protected]
The UK GDPR provides you with specific rights regarding your personal data. We are committed to respecting these rights and facilitating their exercise.
You have the right to be informed about how we collect and use your personal data. This is provided through this GDPR notice and our Privacy Policy.
You have the right to request a copy of the personal data we hold about you. This is commonly known as a Subject Access Request (SAR). We will respond to valid requests within one month.
You have the right to request that we correct any inaccurate personal data we hold about you, or complete any incomplete data.
Also known as the "right to be forgotten", you may request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purpose it was collected.
You have the right to request that we limit how we use your personal data in certain circumstances, such as when you contest the accuracy of the data.
Where we process your data based on consent or for the performance of a contract, you have the right to receive your personal data in a structured, commonly used, machine-readable format.
You have the right to object to processing of your personal data in certain circumstances, including processing for direct marketing purposes.
You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects. We do not currently use automated decision-making processes.
We implement appropriate technical and organisational measures to protect personal data, including:
We only process personal data where we have a lawful basis to do so. The bases we rely on include:
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Our standard retention periods are:
We primarily process data within the United Kingdom. If we need to transfer data outside the UK, we ensure appropriate safeguards are in place in compliance with UK GDPR requirements.
We have procedures in place to detect, report, and investigate personal data breaches. If a breach is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay.
To exercise any of your data protection rights, please contact us at:
Email: [email protected]
Post: Garnet Glacier Ltd, 47 Greenfield Lane, Cambridge, CB2 1TN
We will respond to your request within one month. In complex cases, we may extend this by a further two months, but we will inform you of any extension within the first month.
There is no fee for making a request, unless requests are manifestly unfounded or excessive.
If you are not satisfied with how we handle your personal data or respond to your requests, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF
Website: ico.org.uk
We may update this GDPR notice periodically. Any changes will be posted on this page with an updated revision date.