GDPR Compliance

Gloomy Horizons is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page outlines how we meet our obligations and explains your rights as a data subject.

Data Controller Information

Gloomy Horizons is the data controller for personal information collected through our website and services. Our contact details are:

Gloomy Horizons
47 Bridgewater Lane
Salford Quays, Manchester M50 3AH
United Kingdom
Email: [email protected]

Lawful Basis for Processing

We process personal data under the following lawful bases:

• Contract: To provide our pet care services and fulfil our contractual obligations to you
• Legitimate Interests: To improve our services, maintain security, and communicate with clients about relevant matters
• Consent: For marketing communications and non-essential cookies (where you have opted in)
• Legal Obligation: To comply with applicable laws and regulations

Your Rights Under UK GDPR

As a data subject, you have the following rights:

Right to Access

You have the right to request a copy of the personal information we hold about you. We will respond to your request within one month of receipt.

Right to Rectification

If any personal information we hold about you is inaccurate or incomplete, you have the right to request its correction.

Right to Erasure

You have the right to request the deletion of your personal information in certain circumstances, such as when the data is no longer necessary for the purposes it was collected.

Right to Restrict Processing

You may request that we limit how we use your personal information in certain situations, such as when you contest its accuracy.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.

Right to Object

You have the right to object to the processing of your personal information where we rely on legitimate interests as our lawful basis.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not currently engage in automated decision-making.

Exercising Your Rights

To exercise any of your rights, please contact us at [email protected]. We may need to verify your identity before processing your request. We will respond within one month, though this may be extended by up to two months for complex requests.

Data Security Measures

We implement appropriate technical and organisational measures to protect personal data, including:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Staff training on data protection
• Access controls and authentication procedures
• Secure backup and recovery systems

Data Breach Procedures

In the event of a personal data breach, we will notify the Information Commissioner's Office (ICO) within 72 hours where required. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.

International Data Transfers

We primarily process data within the UK and European Economic Area. If we transfer data outside these regions, we ensure appropriate safeguards are in place in accordance with UK GDPR requirements.

Complaints

If you are unhappy with how we have handled your personal information, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Website: ico.org.uk

Updates to This Information

We may update this GDPR compliance information from time to time. Any significant changes will be communicated on our website.