GDPR Compliance
Your rights under the General Data Protection Regulation
Our Commitment to GDPR
neonor-burst is committed to full compliance with the General Data Protection Regulation (GDPR). We process all personal data in accordance with GDPR requirements and UK data protection law.
Legal Basis for Processing
We process your personal data under the following legal bases:
- Contract: Processing necessary to fulfill our contractual obligations when you enroll in our programmes
- Consent: When you have given explicit consent for specific processing activities
- Legitimate Interests: When necessary for our legitimate business interests, balanced against your rights
- Legal Obligation: When required to comply with legal or regulatory requirements
Your GDPR Rights
Right to Access
You have the right to request a copy of the personal data we hold about you. We will provide this information in a commonly used electronic format.
Right to Rectification
If you believe any information we hold about you is inaccurate or incomplete, you have the right to request correction.
Right to Erasure (Right to be Forgotten)
You can request deletion of your personal data when:
- The data is no longer necessary for the purpose it was collected
- You withdraw consent and there is no other legal basis for processing
- You object to processing and there are no overriding legitimate grounds
- The data has been unlawfully processed
Right to Restriction of Processing
You can request that we limit how we use your data in certain circumstances, such as when you contest the accuracy of the data or object to processing.
Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
Right to Object
You can object to processing based on legitimate interests or for direct marketing purposes at any time.
Rights Related to Automated Decision-Making
We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.
How to Exercise Your Rights
To exercise any of your GDPR rights, please contact us:
Email: [email protected]
Subject line: GDPR Rights Request
We will respond to your request within one month. In complex cases, we may extend this period by two additional months, and we will inform you if this is necessary.
Data Protection Officer
For questions specifically about data protection or to contact our Data Protection Officer:
Email: [email protected]
Address: 127 Bridgewater Street, Liverpool, L1 8DN, United Kingdom
International Data Transfers
We primarily process data within the United Kingdom and European Economic Area. If we transfer data outside these regions, we ensure appropriate safeguards are in place in accordance with GDPR requirements.
Data Breach Notification
In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR.
Right to Lodge a Complaint
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with a supervisory authority.
In the UK, the supervisory authority is the Information Commissioner's Office (ICO):
Website: neonor-burst.com
Telephone: 0303 123 1113
Children's Data
When processing data relating to children participating in our programmes, we obtain appropriate consent from parents or guardians and implement additional safeguards to protect children's personal information.
Updates to GDPR Practices
We regularly review our data protection practices to ensure ongoing GDPR compliance. Any significant changes will be communicated through our Privacy Policy updates.