Our commitment to data protection and your rights
Airy Tides is fully committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take the protection of your personal data seriously and have implemented measures to ensure compliance with these regulations.
Airy Tides is the data controller responsible for your personal data. If you have any questions about this GDPR notice or our data protection practices, please contact us using the details provided at the end of this page.
We process your personal data under the following lawful bases:
Under the UK GDPR, you have the following rights:
You have the right to request copies of your personal data. We may charge a small fee for this service in certain circumstances.
You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
You have the right to request that we erase your personal data, under certain conditions. This is also known as the "right to be forgotten".
You have the right to request that we restrict the processing of your personal data, under certain conditions.
You have the right to object to our processing of your personal data, under certain conditions.
You have the right to request that we transfer the data that we have collected to another organisation, or directly to you, under certain conditions.
To exercise any of these rights, please contact us at:
Email: [email protected]
Address: 47 Riverside Lane, Woodbridge, Suffolk, IP12 4HN, United Kingdom
We will respond to your request within one month. In complex cases, we may extend this period by up to two months, but we will inform you if this is necessary.
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.
For booking and service records, we typically retain data for 6 years after the last service provided. Marketing consent records are retained until you withdraw consent.
We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
We do not routinely transfer personal data outside the United Kingdom. If we do need to transfer data internationally, we will ensure appropriate safeguards are in place in accordance with UK GDPR requirements.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours of becoming aware of the breach. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.
If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF
Website: ico.org.uk
We may update this GDPR notice from time to time. Any changes will be posted on this page with an updated revision date.
Last updated: January 2024