GDPR Compliance
Last Updated: 13th June 2025
🛡️ Data Protection Excellence
UK Data Services is fully compliant with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. We prioritise data protection in all our web scraping and analytics services.
1. Our GDPR Commitment
As a leading UK data services provider, we have implemented comprehensive GDPR compliance measures across all our operations:
- Full compliance with GDPR and UK data protection legislation
- Transparent data processing practices
- Robust security measures and access controls
- Regular compliance audits and staff training
- Clear procedures for data subject rights
- Comprehensive data protection impact assessments
2. Data Protection Principles
We adhere to all six GDPR data protection principles:
Lawfulness, Fairness and Transparency
- All data processing has a clear legal basis
- Transparent communication about data use
- Fair processing that respects individual rights
Purpose Limitation
- Data collected for specific, explicit purposes
- No processing beyond the original purpose
- Clear project scope and data requirements
Data Minimisation
- Only collect data that's necessary for the purpose
- Regular review of data collection practices
- Efficient data processing methods
Accuracy
- Maintain accurate and up-to-date records
- Correct inaccurate data promptly
- Regular data quality assessments
Storage Limitation
- Retain data only as long as necessary
- Clear data retention schedules
- Secure data disposal procedures
Integrity and Confidentiality
- Robust security measures and encryption
- Access controls and authentication
- Regular security audits and updates
3. Your Data Protection Rights
Under GDPR, you have comprehensive rights regarding your personal data:
Right to be Informed
Clear information about how we process your personal data, provided through our privacy policy and direct communications.
Right of Access
Request copies of your personal data and information about how we process it. We respond within one month.
Right to Rectification
Have inaccurate or incomplete personal data corrected or completed without undue delay.
Right to Erasure
Request deletion of your personal data in certain circumstances, including withdrawal of consent.
Right to Restrict Processing
Request that we limit how we process your personal data in specific situations.
Right to Data Portability
Receive your personal data in a structured, machine-readable format for transfer to another controller.
Right to Object
Object to processing based on legitimate interests, direct marketing, or research purposes.
Rights Related to Automated Processing
Protection against automated decision-making and profiling that produces legal or significant effects.
4. Legal Basis for Processing
We only process personal data when we have a valid legal basis:
Contractual Necessity
- Performance of contracts for data services
- Pre-contractual measures and quotations
- Service delivery and project management
Legitimate Interest
- Business operations and administration
- Service improvement and development
- Security and fraud prevention
Consent
- Marketing communications
- Optional data processing activities
- Cookie usage beyond essential cookies
Legal Obligation
- Compliance with applicable laws
- Regulatory reporting requirements
- Financial record keeping
5. Data Security Measures
We implement comprehensive technical and organisational measures:
Technical Safeguards
- End-to-end encryption for data transmission
- Secure cloud infrastructure with access controls
- Regular security patches and updates
- Network monitoring and intrusion detection
- Secure backup and recovery procedures
Organisational Measures
- Staff training on data protection principles
- Clear data handling procedures and policies
- Regular security audits and assessments
- Incident response and breach notification procedures
- Vendor due diligence and data processing agreements
6. International Data Transfers
When transferring personal data internationally, we ensure:
- Adequacy decisions or appropriate safeguards are in place
- Standard contractual clauses for data protection
- Binding corporate rules where applicable
- Regular review of transfer mechanisms
7. Data Protection Impact Assessments
We conduct Data Protection Impact Assessments (DPIAs) for:
- High-risk data processing activities
- New technologies or processing methods
- Large-scale processing of sensitive data
- Systematic monitoring of public areas
8. Data Breach Procedures
In the event of a data breach, we:
- Notify the ICO within 72 hours if required
- Inform affected individuals without undue delay
- Document all breaches and response measures
- Implement corrective actions to prevent recurrence
9. Third-Party Processors
We ensure all third-party data processors:
- Provide sufficient guarantees of GDPR compliance
- Sign comprehensive data processing agreements
- Undergo regular compliance audits
- Implement appropriate technical and organisational measures
10. Staff Training and Awareness
Our team receives regular training on:
- GDPR principles and requirements
- Data handling best practices
- Incident reporting procedures
- Privacy by design principles
11. Exercising Your Rights
To exercise your data protection rights:
- Contact our Data Protection Officer
- Provide sufficient information to identify your data
- Specify which right you wish to exercise
- We will respond within one month
12. Contact Information
Data Protection Officer
Email: dpo@ukdataservices.co.uk
Phone: +44 1692 689150
General Privacy Enquiries
Email: privacy@ukdataservices.co.uk
Postal Address
UK Data Services
Data Protection Officer
United Kingdom
13. Supervisory Authority
You have the right to lodge a complaint with the UK's supervisory authority:
Information Commissioner's Office (ICO)
Website: https://ico.org.uk
Phone: 0303 123 1113
Address: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
This page demonstrates our commitment to data protection excellence and regulatory compliance in all our data services.