velar-shift
Home Our Story Services Contact Book Now
Home Our Story Services Contact Book Now

GDPR Compliance

Last updated: January 2024

velar-shift is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page outlines our commitment to data protection and your rights as a data subject.

Data Controller

velar-shift is the data controller responsible for your personal data. Our contact details are:

velar-shift
47 Clerkenwell Road
London, EC1M 5RS
United Kingdom
Email: [email protected]

Data Protection Principles

We adhere to the following principles when processing your personal data:

  • Lawfulness, fairness, and transparency: We process data lawfully, fairly, and in a transparent manner
  • Purpose limitation: We collect data for specified, explicit, and legitimate purposes only
  • Data minimisation: We collect only the data necessary for our stated purposes
  • Accuracy: We keep personal data accurate and up to date
  • Storage limitation: We retain data only for as long as necessary
  • Integrity and confidentiality: We process data securely
  • Accountability: We demonstrate compliance with these principles

Your Rights Under UK GDPR

As a data subject, you have the following rights:

Right to Be Informed

You have the right to be informed about how we collect and use your personal data. We provide this information through our Privacy Policy and this GDPR page.

Right of Access

You have the right to request a copy of the personal data we hold about you. This is commonly known as a Subject Access Request (SAR). We will respond to your request within one month.

Right to Rectification

You have the right to request that we correct any inaccurate personal data we hold about you, or complete any incomplete data.

Right to Erasure

You have the right to request that we delete your personal data in certain circumstances, including:

  • When the data is no longer necessary for its original purpose
  • When you withdraw consent (where consent was the legal basis)
  • When you object to processing and there are no overriding legitimate grounds
  • When the data has been unlawfully processed

Right to Restrict Processing

You have the right to request that we restrict the processing of your data in certain circumstances, such as when you contest the accuracy of the data or object to its processing.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.

Right to Object

You have the right to object to the processing of your personal data, including processing for direct marketing purposes.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that have significant effects on you. We do not currently use automated decision-making in our services.

Exercising Your Rights

To exercise any of your rights, please contact us at [email protected]. We will respond to your request within one month. In complex cases or where we receive many requests, we may extend this period by up to two additional months, and we will inform you if this is necessary.

We may ask you to verify your identity before processing your request. This helps us ensure that personal data is not disclosed to unauthorised persons.

Data Breaches

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

  • Notify the Information Commissioner's Office (ICO) within 72 hours of becoming aware of the breach
  • Notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms
  • Document all breaches, including their effects and remedial actions taken

International Data Transfers

When we transfer personal data outside the UK, we ensure appropriate safeguards are in place. This may include:

  • Transferring to countries with adequacy decisions
  • Using Standard Contractual Clauses approved by the ICO
  • Implementing additional technical and organisational measures where necessary

Data Protection Impact Assessments

We conduct Data Protection Impact Assessments (DPIAs) for processing activities that are likely to result in high risk to individuals, particularly when using new technologies or processing sensitive data at scale.

Training and Awareness

All team members who handle personal data receive regular training on data protection principles and their responsibilities under UK GDPR.

Complaints

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF
Website: ico.org.uk

However, we would appreciate the opportunity to address your concerns before you approach the ICO. Please contact us first at [email protected].

Updates to This Information

We may update this GDPR compliance information from time to time. Any changes will be posted on this page with an updated revision date.

velar-shift

Bringing exceptional culinary experiences to homes across the United Kingdom since 2018.

Navigation

  • Home
  • Our Story
  • Services
  • Contact

Services

  • Private Chef
  • Cooking Workshops
  • Menu Consultation
  • Corporate Events

Legal

  • Privacy Policy
  • Terms of Use
  • Cookie Policy
  • GDPR

© 2024 velar-shift. All rights reserved. | Operating throughout the United Kingdom

We use cookies to enhance your browsing experience and analyse site traffic. By continuing, you agree to our use of cookies. Learn more