Your rights under the UK General Data Protection Regulation
Last updated: January 2024
The UK General Data Protection Regulation (UK GDPR), retained from EU law following Brexit, sets out requirements for how organisations must handle personal data. Solar-Vale Ltd is committed to compliance with the UK GDPR and the Data Protection Act 2018.
Solar-Vale Ltd acts as the data controller for personal information collected through our website and services. This means we determine the purposes and means of processing your personal data.
Contact details:
Solar-Vale Ltd
47 Colmore Row
Birmingham, B3 2AA
United Kingdom
Email: [email protected]
We process personal data only when we have a valid lawful basis. The lawful bases we rely on are:
When you submit enquiry forms or contact us, you provide consent for us to process your information to respond to your request. You may withdraw consent at any time by contacting us.
When you engage our services, we process your data as necessary to perform our contractual obligations, including arranging consultations, conducting site assessments, and delivering installations.
We may process data based on our legitimate business interests, such as improving our services, website functionality, and customer experience. We ensure these interests do not override your fundamental rights.
We may process data to comply with legal requirements, including financial record-keeping, health and safety regulations, and responding to lawful requests from authorities.
You have the following rights regarding your personal data:
You can request a copy of the personal data we hold about you. We will respond within one month of receiving your request.
If your personal data is inaccurate or incomplete, you can request that we correct or complete it.
In certain circumstances, you can request that we delete your personal data. This right applies when the data is no longer necessary, you withdraw consent, or the data was unlawfully processed.
You can request that we limit how we use your data while we verify its accuracy or consider objections you have raised.
Where processing is based on consent or contract and carried out by automated means, you can request your data in a structured, commonly used format.
You can object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we demonstrate compelling legitimate grounds.
We do not make decisions based solely on automated processing that produce legal effects or significantly affect you.
To exercise any of these rights, please contact us at [email protected]. We may need to verify your identity before processing your request. We aim to respond to all requests within one month.
If your request is complex or we receive numerous requests, we may extend this period by two months. We will inform you of any extension and the reasons within one month of your request.
We primarily store and process data within the United Kingdom. If we transfer data outside the UK, we ensure appropriate safeguards are in place to protect your information.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours of becoming aware. If the breach is likely to result in a high risk, we will also inform affected individuals without undue delay.
If you are dissatisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Website: ico.org.uk
We would appreciate the opportunity to address your concerns before you contact the ICO. Please contact us first so we can investigate and respond to your complaint.
We may update this GDPR information to reflect changes in our practices or legal requirements. We encourage you to review this page periodically.