GDPR Compliance
Your Data Protection Rights Under GDPR
1. Our Commitment to GDPR
UKsoft is committed to complying with the General Data Protection Regulation (GDPR) and protecting your personal data. This page outlines our approach to data protection and your rights under GDPR.
2. Your Rights Under GDPR
Under GDPR, you have the following rights regarding your personal data:
Right to Information
You have the right to be informed about how we collect and use your personal data.
Right of Access
You can request copies of your personal data that we hold.
Right to Rectification
You can request correction of inaccurate or incomplete personal data.
Right to Erasure
You can request deletion of your personal data in certain circumstances.
Right to Restrict Processing
You can request that we limit how we use your personal data.
Right to Data Portability
You can request transfer of your data to another organization.
3. Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Consent: When you have given clear consent for us to process your data for specific purposes
- Contract: When processing is necessary for a contract with you or to take steps at your request
- Legal Obligation: When we need to comply with legal requirements
- Legitimate Interest: When processing is necessary for our legitimate business interests
4. Data Retention
We retain your personal data only for as long as necessary:
| Data Type | Retention Period | Reason |
|---|---|---|
| Contact enquiries | 2 years | Business follow-up |
| Project data | 7 years | Legal/contractual obligations |
| Marketing data | Until consent withdrawn | Marketing communications |
| Website analytics | 26 months | Performance analysis |
5. Data Security
We implement appropriate technical and organizational measures to protect your data:
- • Encryption of data in transit and at rest
- • Regular security assessments and updates
- • Access controls and staff training
- • Secure backup and recovery procedures
- • Regular monitoring for security threats
6. International Transfers
When we transfer your data outside the UK/EU, we ensure adequate protection through approved mechanisms such as adequacy decisions, Standard Contractual Clauses, or certification schemes.
7. Data Breach Procedures
In the event of a data breach:
- • We will assess the risk and notify authorities within 72 hours if required
- • Affected individuals will be notified if there's a high risk to their rights
- • We will take immediate steps to contain and remediate the breach
- • A thorough investigation will be conducted to prevent future occurrences
8. How to Exercise Your Rights
To exercise any of your GDPR rights, please contact us using the information below. We will respond within one month of receiving your request.
📧 Data Protection Request Form
For faster processing, please include:
- • Your full name and email address
- • Specific right you wish to exercise
- • Details of the data concerned (if applicable)
- • Proof of identity (for security purposes)
9. Complaints
If you're not satisfied with how we handle your data protection concerns, you have the right to lodge a complaint with:
Information Commissioner's Office (ICO)
Website: ico.org.uk
Phone: 0303 123 1113
Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
10. Contact Our Data Protection Officer
For any data protection queries or to exercise your rights, please contact:
Data Protection Officer
UKsoft
Email: [email protected]
Privacy Email: [email protected]
Phone: 0330 520 1963