GDPR Information

Your data protection rights under GDPR

Introduction

The General Data Protection Regulation provides comprehensive data protection rights for individuals in the European Union and United Kingdom. stone-mink is committed to compliance with GDPR requirements.

Your Rights Under GDPR

Right to Access: You have the right to request copies of your personal data. We may charge a reasonable fee for multiple requests.

Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data.

Right to Erasure: You have the right to request deletion of your personal data under certain circumstances.

Right to Restrict Processing: You have the right to request restriction of processing your personal data under certain circumstances.

Right to Data Portability: You have the right to request transfer of your data to another organization or directly to you in a structured, commonly used format.

Right to Object: You have the right to object to processing of your personal data under certain circumstances.

Legal Basis for Processing

We process personal data under the following legal bases:

Consent: You have given explicit consent for processing your personal data for specific purposes.

Contract: Processing is necessary for fulfilling contractual obligations with you.

Legal Obligation: Processing is necessary for compliance with legal obligations.

Legitimate Interests: Processing is necessary for legitimate interests pursued by our business, provided these interests do not override your fundamental rights.

Data We Collect

We collect and process:

Contact information including name and email address. Service preferences and booking details. Communication records related to inquiries and bookings. Technical data from website usage stored in browser localStorage.

How We Protect Your Data

We implement appropriate technical and organizational measures including:

Secure data storage systems. Access controls limiting who can view personal data. Regular security assessments. Staff training on data protection requirements.

Data Retention

We retain personal data only as long as necessary for purposes outlined in our Privacy Policy or as required by law. Booking records are retained for seven years for legal and accounting purposes. Marketing communications data is retained until you withdraw consent.

International Data Transfers

We do not routinely transfer personal data outside the United Kingdom. If transfers become necessary, we ensure appropriate safeguards are in place as required by GDPR.

Exercising Your Rights

To exercise any GDPR rights, contact us at:

stone-mink
42 Queen Square
Bristol BS1 4QP
United Kingdom
[email protected]

We will respond to requests within one month. Complex requests may require additional time, about which we will inform you.

Right to Lodge a Complaint

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the Information Commissioner's Office, the UK supervisory authority for data protection issues.

Updates to This Information

We may update this GDPR information to reflect changes in our practices or legal requirements. Updates will be posted on this page.