Our Commitment to GDPR Compliance
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on 25 May 2018. It governs how organizations collect, process, store, and protect personal data of individuals in the European Economic Area and the United Kingdom.
flurris-quick is committed to full compliance with GDPR requirements. This page outlines how we uphold your rights and fulfill our obligations under this regulation.
Data Controller Information
For the purposes of GDPR, flurris-quick acts as the data controller for the personal information we collect through our website and in the provision of our services.
Contact Details:
flurris-quick
142 Kensington Park Road
London W11 2ES
United Kingdom
Email: [email protected]
Legal Basis for Data Processing
We process your personal data only when we have a lawful basis to do so. Under GDPR, these lawful bases include:
1. Consent
We process certain data based on your explicit consent. You have the right to withdraw consent at any time, which will not affect the lawfulness of processing based on consent before its withdrawal.
2. Contract Performance
Processing is necessary to perform our contractual obligations to you when you book our animal care services.
3. Legitimate Interests
We may process data based on our legitimate business interests, such as maintaining service quality, improving our website, and protecting against fraud—provided these interests do not override your fundamental rights and freedoms.
4. Legal Obligations
We process data when necessary to comply with legal requirements, such as record-keeping obligations or responding to lawful requests from authorities.
Your Rights Under GDPR
GDPR grants you comprehensive rights regarding your personal data:
Right to Be Informed
You have the right to clear, transparent information about how we use your data. Our Privacy Policy provides this information in detail.
Right of Access
You can request confirmation of whether we process your personal data and obtain a copy of that data. We will provide this information free of charge within one month of your request.
Right to Rectification
If your personal data is inaccurate or incomplete, you have the right to have it corrected or completed.
Right to Erasure (Right to Be Forgotten)
Under certain circumstances, you can request deletion of your personal data. This applies when:
- The data is no longer necessary for the purposes for which it was collected
- You withdraw consent and there is no other legal basis for processing
- You object to processing and there are no overriding legitimate grounds
- The data has been unlawfully processed
- Deletion is required to comply with a legal obligation
Right to Restrict Processing
You can request that we limit how we use your data in certain situations:
- When you contest the accuracy of the data
- When processing is unlawful but you prefer restriction over erasure
- When we no longer need the data but you need it for legal claims
- When you have objected to processing pending verification of legitimate grounds
Right to Data Portability
Where technically feasible, you have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.
Right to Object
You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
Rights Related to Automated Decision-Making
You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects. We do not currently engage in automated decision-making of this nature.
How to Exercise Your Rights
To exercise any of your GDPR rights, please contact us at [email protected]. Your request should include:
- Your full name and contact information
- A clear description of the right you wish to exercise
- Any relevant details that will help us locate your data (e.g., dates of service, email address used)
We will respond to your request within one month. In complex cases, we may extend this period by up to two additional months and will inform you of the extension and reasons.
We will not charge a fee for processing your request unless it is manifestly unfounded, excessive, or repetitive. In such cases, we may charge a reasonable fee or refuse to act on the request.
Data Security Measures
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
- Encryption of data in transit and at rest where appropriate
- Regular security assessments and vulnerability testing
- Access controls limiting data access to authorized personnel only
- Staff training on data protection and security practices
- Incident response procedures for potential data breaches
Data Breach Notification
In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay. We will also notify the relevant supervisory authority within 72 hours of becoming aware of the breach, unless the breach is unlikely to result in a risk to your rights and freedoms.
International Data Transfers
We primarily store and process data within the United Kingdom and the European Economic Area. If we need to transfer data outside these regions, we will ensure appropriate safeguards are in place, such as:
- Standard contractual clauses approved by the European Commission
- Adequacy decisions confirming the destination country provides adequate protection
- Binding corporate rules where applicable
Data Protection Officer
While we are not legally required to appoint a Data Protection Officer, questions and concerns about our data processing practices can be directed to [email protected].
Right to Lodge a Complaint
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with a supervisory authority.
In the United Kingdom, the supervisory authority is the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Telephone: 0303 123 1113
Website: www.ico.org.uk
However, we encourage you to contact us first so we can attempt to resolve any concerns you may have.
Updates to Our GDPR Practices
We regularly review and update our data protection practices to ensure ongoing compliance with GDPR requirements. Any significant changes will be communicated through updates to our Privacy Policy and this GDPR page.
Contact Us
For any questions, concerns, or requests related to GDPR compliance or your data protection rights, please contact us at [email protected].