This site contains advertising content

GDPR Compliance

Last Updated: April 21, 2026

1. Our Commitment to GDPR

domain is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR). This page outlines how we comply with GDPR requirements and your rights under this regulation.

2. Data Controller Information

For the purposes of GDPR, domain acts as the data controller for personal information collected through our website and services.

Contact Details:
Email: [email protected]
Address: 128 Piccadilly Street, London, W1J 7BQ, United Kingdom

3. Lawful Basis for Processing

We process personal data only when we have a lawful basis to do so under GDPR Article 6:

  • Consent (Article 6(1)(a)): You have given clear, informed consent for us to process your personal data for specific purposes
  • Contract (Article 6(1)(b)): Processing is necessary to perform a contract with you or take steps prior to entering into a contract
  • Legal Obligation (Article 6(1)(c)): Processing is necessary to comply with legal obligations
  • Legitimate Interests (Article 6(1)(f)): Processing is necessary for our legitimate business interests, provided this does not override your fundamental rights and freedoms

4. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

4.1 Right to Access (Article 15)

You have the right to obtain confirmation as to whether we process your personal data and, if so, to access that data along with specific information about the processing.

4.2 Right to Rectification (Article 16)

You have the right to request correction of inaccurate personal data and to have incomplete personal data completed.

4.3 Right to Erasure (Article 17)

You have the right to request deletion of your personal data in certain circumstances, including when:

  • The data is no longer necessary for the purposes for which it was collected
  • You withdraw consent and there is no other legal basis for processing
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed
  • Deletion is required to comply with a legal obligation

4.4 Right to Restriction of Processing (Article 18)

You have the right to request restriction of processing in certain situations, such as when you contest the accuracy of the data or object to processing.

4.5 Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

4.6 Right to Object (Article 21)

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

4.7 Right Not to Be Subject to Automated Decision-Making (Article 22)

You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.

4.8 Right to Withdraw Consent

Where we process your data based on consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

5. How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at [email protected] with your request. We will:

  • Respond to your request within one month (extendable by two additional months for complex requests)
  • Verify your identity before processing your request
  • Provide information free of charge (unless requests are manifestly unfounded or excessive)
  • Inform you if we cannot comply with your request and the reasons why

6. Data Processing Principles

We adhere to the GDPR data processing principles (Article 5):

  • Lawfulness, Fairness, and Transparency: We process data lawfully, fairly, and in a transparent manner
  • Purpose Limitation: We collect data for specified, explicit, and legitimate purposes
  • Data Minimization: We collect only data that is adequate, relevant, and limited to what is necessary
  • Accuracy: We take reasonable steps to ensure personal data is accurate and up to date
  • Storage Limitation: We keep personal data only as long as necessary for the purposes for which it was collected
  • Integrity and Confidentiality: We process data securely using appropriate technical and organizational measures
  • Accountability: We are responsible for and can demonstrate compliance with these principles

7. Data Protection Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Staff training on data protection
  • Incident response and breach notification procedures

8. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours of becoming aware of the breach
  • Notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms
  • Document all data breaches, regardless of whether notification is required

9. International Data Transfers

When we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions by the European Commission
  • Standard contractual clauses approved by the European Commission
  • Binding corporate rules
  • Certification mechanisms

10. Third-Party Processors

When we engage third-party processors to process personal data on our behalf, we:

  • Use only processors that provide sufficient guarantees of GDPR compliance
  • Have written contracts in place that meet GDPR requirements (Article 28)
  • Ensure processors process data only on our documented instructions
  • Monitor processor compliance with their obligations

11. Children's Data

We do not knowingly process personal data of children under 16 years of age without parental consent, in accordance with GDPR Article 8.

12. Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with a supervisory authority, particularly in the EU member state where you reside, work, or where the alleged infringement occurred.

For the UK: Information Commissioner's Office (ICO)
Website: ico.org.uk
Helpline: 0303 123 1113

13. Data Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Service inquiry data: 2 years from last contact
  • Client project data: 7 years after project completion (for business and legal purposes)
  • Marketing consent data: Until consent is withdrawn or 3 years of inactivity
  • Website analytics data: 26 months

14. Updates to This Page

We may update this GDPR compliance information to reflect changes in our practices or legal requirements. Significant changes will be communicated through our website.

15. Contact Us

For any questions about our GDPR compliance or to exercise your rights, please contact us at:

Email: [email protected]
Address: 128 Piccadilly Street, London, W1J 7BQ, United Kingdom