Our Commitment
Harbor-robin Ltd is committed to protecting your personal data and respecting your privacy. We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
This page explains your rights under data protection law and how we fulfil our obligations as a data controller.
Data Controller
Harbor-robin Ltd is the data controller for personal information collected through this website and in the course of providing our services.
Harbor-robin Ltd
47 Commerce Street
Manchester, M4 1PN
United Kingdom
[email protected]
Your Rights
Under the UK GDPR, you have the following rights regarding your personal data:
Right to Be Informed
You have the right to be informed about the collection and use of your personal data. Our Privacy Policy provides this information, explaining what data we collect, why we collect it, and how we use it.
Right of Access
You have the right to request a copy of the personal data we hold about you. This is commonly known as a "subject access request." We will respond to your request within one month and provide the information free of charge.
Right to Rectification
You have the right to request that we correct any personal data you believe is inaccurate. You also have the right to request that we complete information you believe is incomplete.
Right to Erasure
You have the right to request that we erase your personal data in certain circumstances, including:
- The data is no longer necessary for the purpose we collected it
- You withdraw consent and there is no other legal basis for processing
- You object to processing and there are no overriding legitimate grounds
- The data has been unlawfully processed
- The data must be erased to comply with a legal obligation
Right to Restrict Processing
You have the right to request that we restrict the processing of your personal data in certain circumstances, including:
- You contest the accuracy of the data (restriction applies while we verify)
- The processing is unlawful but you oppose erasure
- We no longer need the data but you need it for legal claims
- You have objected to processing (restriction applies pending verification)
Right to Data Portability
You have the right to request that we transfer the data we have collected to another organisation, or directly to you, in a structured, commonly used, machine-readable format.
Right to Object
You have the right to object to processing based on legitimate interests or for direct marketing purposes. If you object to processing for direct marketing, we will stop processing immediately.
Rights Related to Automated Decision Making
You have the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects or similarly significantly affects you. We do not currently use automated decision-making systems.
How to Exercise Your Rights
To exercise any of your data protection rights, please contact us using the details below. We will respond to your request within one month.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information. This is a security measure to ensure personal data is not disclosed to any person who has no right to receive it.
You will not have to pay a fee to exercise your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
Lawful Basis for Processing
We process personal data on the following lawful bases:
- Consent: Where you have provided clear, affirmative consent for specific processing activities
- Contractual necessity: Where processing is necessary for the performance of a contract with you
- Legitimate interests: Where processing is necessary for our legitimate business interests, provided these do not override your fundamental rights and freedoms
- Legal obligation: Where processing is necessary to comply with a legal requirement
Data Security
We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
- Encryption of personal data where appropriate
- Regular security assessments
- Staff training on data protection
- Access controls limiting who can view personal data
- Regular backup procedures
Data Breaches
In the event of a personal data breach, we will notify the Information Commissioner's Office within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.
Complaints
If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire, SK9 5AF
However, we would appreciate the opportunity to address your concerns before you approach the ICO, so please contact us in the first instance.
Contact Us
For any questions about this GDPR statement or to exercise your data protection rights, please contact:
Harbor-robin Ltd
47 Commerce Street
Manchester, M4 1PN
United Kingdom
[email protected]