Information presented on this website is promotional in nature

GDPR Compliance

Our commitment to data protection and your rights

Home / GDPR

Last updated: January 2024

Our Commitment to GDPR

deft-saga is committed to ensuring compliance with the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018. This page outlines how we handle personal data in accordance with these regulations and explains your rights as a data subject.

Data Controller Information

deft-saga acts as the data controller for personal information collected through our website and services. As data controller, we determine the purposes and means of processing personal data.

Contact details:
Email: [email protected]
Address: 27 Victoria Street, London, SW1H 0EX, United Kingdom

Legal Basis for Processing

We process personal data under the following legal bases:

  • Consent: Where you have given clear consent for us to process your personal data for specific purposes, such as receiving marketing communications
  • Contract: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract
  • Legitimate Interests: Where processing is necessary for our legitimate business interests, provided these do not override your fundamental rights and freedoms
  • Legal Obligation: Where processing is necessary to comply with a legal obligation

Your Rights Under GDPR

Under GDPR, you have the following rights regarding your personal data:

Right to Access

You have the right to request a copy of the personal information we hold about you. We will respond to such requests within one month.

Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.

Right to Erasure

You have the right to request deletion of your personal data where there is no compelling reason for its continued processing. This right is not absolute and may be subject to legal retention requirements.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.

Right to Object

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects or significantly affect you.

How to Exercise Your Rights

To exercise any of these rights, please contact us at [email protected]. We may need to verify your identity before processing your request. We aim to respond to all legitimate requests within one month. If your request is particularly complex or you have made multiple requests, we may extend this period by a further two months, in which case we will inform you.

Data Protection Measures

We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of data in transit and at rest where appropriate
  • Regular security assessments and updates
  • Access controls limiting who can access personal data
  • Staff training on data protection responsibilities
  • Incident response procedures for data breaches

International Data Transfers

Where we transfer personal data outside the UK or European Economic Area, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the relevant authority, or transfers to countries with an adequacy decision.

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach is likely to result in a high risk to you, we will also notify you directly.

Supervisory Authority

If you are not satisfied with our response to your data protection concerns, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Website: ico.org.uk

Updates to This Information

We may update this GDPR compliance information from time to time. Any changes will be posted on this page with an updated revision date.

Contact Us

For any questions about our GDPR compliance or to exercise your data protection rights, please contact us:

Email: [email protected]
Address: 27 Victoria Street, London, SW1H 0EX, United Kingdom

We use cookies to enhance your browsing experience and analyse site traffic. By continuing to use this site, you consent to our use of cookies. Learn more