GDPR Compliance

Last Updated: June 19, 2026

Our Commitment to Data Protection

We are committed to protecting your personal data in accordance with the UK General Data Protection Regulation and the Data Protection Act 2018.

Data Controller

For the purposes of data protection legislation, breeze-sentinel is the data controller responsible for your personal information.

Contact: [email protected]
Address: 47 Pembridge Gardens, Notting Hill, London W2 4DX, United Kingdom

Lawful Basis for Processing

We process your personal data under the following lawful bases:

• Consent: When you submit an enquiry through our website, you consent to us processing your information to respond to your request
• Contract: Processing necessary to fulfill service agreements when you become a client
• Legal Obligation: Retention of records as required by business regulations and tax law
• Legitimate Interests: Communication about services you've enquired about or received

Your Rights Under GDPR

You have the following rights regarding your personal data:

Right to Access

You may request a copy of all personal information we hold about you. We will provide this within one month of your request.

Right to Rectification

If information we hold is inaccurate or incomplete, you can request that we correct or complete it.

Right to Erasure

You may request deletion of your personal data in certain circumstances, including when the data is no longer necessary for the purpose it was collected.

Right to Restrict Processing

You can ask us to restrict how we use your information in specific situations, such as when you contest the accuracy of the data.

Right to Data Portability

You can request a copy of your data in a structured, commonly used, machine-readable format to transfer to another organization.

Right to Object

You may object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision Making

We do not use automated decision-making or profiling in our processing of personal data.

How to Exercise Your Rights

To exercise any of these rights, contact us at [email protected]. We will respond to your request within one month.

You also have the right to lodge a complaint with the Information Commissioner's Office if you believe we have not handled your data appropriately.

Data Security

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• Secure storage of electronic and paper records
• Access controls limiting who can view personal data
• Regular security assessments and updates
• Staff training on data protection principles

Data Retention

We retain personal data only as long as necessary for the purposes outlined in our Privacy Policy. Specific retention periods include:

• Enquiry records: 2 years from last contact
• Client project records: 7 years from project completion
• Financial records: 7 years as required by tax regulations

Third-Party Processing

When we engage third parties to process personal data on our behalf, we ensure they provide sufficient guarantees regarding security and compliance with data protection law.

International Transfers

We do not routinely transfer personal data outside the United Kingdom. If international transfer becomes necessary, we will ensure appropriate safeguards are in place.

Changes to This Statement

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. Updates will be posted on this page with a revised date.

Contact for Data Protection Queries

For questions about how we process your personal data or to exercise your rights, contact us at [email protected].