UK GDPR

Home Blog
By Aria Everhart 15 October 2024

UK GDPR Compliance

This page explains how Cotswold Wedding Veils Boutique complies with the UK General Data Protection Regulation (UK GDPR), which governs the protection of personal data in the United Kingdom.

Scope and Applicability

Although Cotswold Wedding Veils Boutique does not maintain a user registration system or store personal data in a database, we may collect limited personal data through automated means such as website analytics, server logs, and cookies. This data is processed solely for the purpose of improving website functionality and understanding visitor behaviour. The UK GDPR applies to this limited processing activity.

Your Rights Under UK GDPR

Under the UK GDPR, you have the following rights in relation to your personal data:

  • Right of access – to request confirmation of whether your data is being processed and to obtain a copy of it
  • Right to rectification – to correct inaccurate or incomplete personal data
  • Right to erasure – to request deletion of your personal data where there is no compelling reason for its continued processing
  • Right to restriction of processing – to limit how your data is used under certain conditions
  • Right to data portability – to receive your data in a structured, commonly used format
  • Right to object – to object to processing based on legitimate interests, including profiling

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection.

How We Comply

We ensure compliance with UK GDPR by:

  • Using only necessary and minimal data collection tools (e.g., anonymised analytics)
  • Not storing personal data in identifiable formats
  • Providing clear information about data usage via our Privacy Policy
  • Responding promptly to requests from data subjects

Data We Process

Any personal data we process is limited to:

  • IP addresses (anonymised via server logs)
  • Browser type and device information (for analytics)
  • Cookie identifiers (for site functionality and preferences)

This data is not linked to any individually identifiable information and is not retained longer than necessary.

Legal Basis for Processing

We process data based on our legitimate interests in ensuring website security, improving user experience, and analysing traffic patterns. We do not rely on consent for this limited processing, as it is necessary for the operation of our informational website.

How to Exercise Your Rights

To exercise any of your rights under UK GDPR, please contact us at the email address below. Include your full name and a clear description of the right you wish to exercise. We will respond without undue delay and within one month.

Response Timeframes

We aim to respond to all requests within one calendar month. If your request is complex or numerous, we may extend this period by a further two months and will inform you within one month of receipt.

No Discrimination Policy

We will not deny you services, charge different prices, or provide a different level of service because you exercised your rights under UK GDPR.

Updates and Changes

We may update this page periodically to reflect changes in law or our practices. Any material changes will be posted here with an updated effective date.

Contact Information

If you have any questions about this compliance page or wish to exercise your rights, please contact:

Aria Everhart
17 Wenthworth Street, Glebe NSW 2037, Australia
[email protected]