GDPR Compliance

Last updated: 19 June 2026

Our Commitment to Data Protection

stormwatcher-lynx is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

Legal Basis for Processing

We process personal data under the following legal bases:

• Consent: When you provide explicit consent for specific processing activities
• Contract: When processing is necessary to fulfil service agreements
• Legitimate interests: When processing supports our business operations without overriding your rights
• Legal obligation: When required by law

Your GDPR Rights

Under GDPR, you have the following rights:

Right to Access

You can request confirmation of whether we process your personal data and obtain a copy of that data.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data in certain circumstances, including when it is no longer necessary for the purposes for which it was collected.

Right to Restrict Processing

You can request that we limit how we use your personal data in specific situations.

Right to Data Portability

You can request a copy of your personal data in a structured, commonly used, machine-readable format.

Right to Object

You can object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision Making

You have the right not to be subject to decisions based solely on automated processing that significantly affects you.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

• Service delivery and customer relationship management
• Legal, accounting, and regulatory requirements
• Resolving disputes and enforcing agreements

Data Security

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:

• Encryption of data in transit and at rest
• Regular security assessments
• Access controls and authentication measures
• Staff training on data protection

International Transfers

If we transfer personal data outside the United Kingdom or European Economic Area, we ensure appropriate safeguards are in place as required by GDPR.

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay.

Exercising Your Rights

To exercise any of your GDPR rights, please contact us at: [email protected]

We will respond to requests within one month, though this may be extended by up to two months for complex requests.

Complaints

If you believe we have not handled your personal data appropriately, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection.

ICO Contact:
Website: ico.org.uk
Telephone: 0303 123 1113