Home GDPR

GDPR Compliance

Your data protection rights under UK GDPR

mossy-roam is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page provides information about how we protect your data and uphold your rights.

Our Commitment

We are committed to:

Data Controller

mossy-roam is the data controller for the personal information we collect. This means we are responsible for deciding how we hold and use personal information about you.

Contact:
mossy-roam
Unit 14, The Learning Quarter
Colmore Row
Birmingham B3 2BJ
Email: [email protected]

Your Rights Under GDPR

Under UK GDPR, you have the following rights:

Right to Be Informed

You have the right to know how your personal data is being used. Our Privacy Policy explains this in detail.

Right of Access

You can request a copy of the personal data we hold about you. This is known as a Subject Access Request (SAR). We will respond within one month of receiving your request.

Right to Rectification

If any personal data we hold is inaccurate or incomplete, you have the right to have it corrected. Contact us and we will update our records promptly.

Right to Erasure

In certain circumstances, you can request that we delete your personal data. This right is not absolute and applies in specific situations, such as when the data is no longer necessary for the purpose it was collected.

Right to Restrict Processing

You can request that we limit how we use your personal data in certain circumstances, such as when you contest the accuracy of the data or object to our processing.

Right to Data Portability

Where processing is based on consent or contract and carried out by automated means, you can request your data in a structured, commonly used, machine-readable format.

Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we can demonstrate compelling legitimate grounds.

Rights Related to Automated Decision-Making

We do not use automated decision-making or profiling that produces legal or similarly significant effects on you.

Children's Data

Given the nature of our services, we process data relating to children. We take additional care with this data:

Data Protection Impact Assessments

Where our processing activities are likely to result in high risk to individuals' rights and freedoms, we conduct Data Protection Impact Assessments (DPIAs) to identify and minimise risks.

Data Breaches

We have procedures in place to detect, report, and investigate personal data breaches. If a breach is likely to result in a risk to your rights and freedoms, we will notify you and the Information Commissioner's Office (ICO) as required by law.

International Transfers

We primarily store and process data within the United Kingdom. If we transfer data outside the UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the ICO.

How to Exercise Your Rights

To exercise any of your rights, please contact us at [email protected]. We may need to verify your identity before processing your request. We aim to respond to all requests within one month, though complex requests may take longer.

Complaints

If you are unhappy with how we have handled your personal data, please contact us first so we can try to resolve the issue. You also have the right to complain to the Information Commissioner's Office:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Website: ico.org.uk

Updates

This GDPR information may be updated periodically. We will notify you of significant changes through our website or by email.

We use cookies to improve your experience on our site. By continuing, you agree to our Cookie Policy.