UK GDPR

Nov, 22 2024

UK GDPR Compliance

At Loch Ness Retreat, we are committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR). This page explains how we comply with your rights under UK GDPR and the data we process when you visit our website.

Scope and Applicability

Although Loch Ness Retreat does not require user registration or maintain a database of personal information, we may collect limited personal data through automated means such as web analytics, server logs, and cookies. This data is processed solely for the purpose of improving website functionality and user experience. As the data controller, Zara Wildon is responsible for ensuring compliance with UK GDPR.

Your Rights Under UK GDPR

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of access: You may request confirmation of whether we process your data and obtain a copy of it.
  • Right to rectification: You may request correction of inaccurate or incomplete personal data.
  • Right to erasure: You may request deletion of your personal data where there is no compelling reason for its continued processing.
  • Right to restriction of processing: You may request that we limit how we use your data under certain conditions.
  • Right to data portability: Where processing is based on consent or contract, you may request your data in a structured, commonly used format.
  • Right to object: You may object to processing based on legitimate interests, including profiling or direct marketing.

How We Comply

We do not store personal data in databases or user accounts. Any data collected via cookies or analytics tools (e.g., Google Analytics) is anonymized or aggregated where possible. We use only essential cookies for site functionality and require user consent for non-essential cookies. All data processing is documented and reviewed regularly to ensure compliance with UK GDPR principles.

Data We Process

The personal data we may process includes:

  • IP addresses (anonymized in analytics)
  • Cookie identifiers for session and preference management
  • Browser type, device information, and usage patterns (for site optimization)

No names, email addresses, phone numbers, or other personally identifiable information are collected unless voluntarily provided via our contact form.

Legal Basis for Processing

Our processing of personal data is based on the following legal grounds under UK GDPR:

  • Legitimate interests: To improve website performance and user experience
  • Consent: For non-essential cookies and analytics tools

How to Exercise Your Rights

To exercise any of your rights under UK GDPR, please contact us at:

Email: [email protected]

Please include your name, the right you wish to exercise, and any relevant details (e.g., browser ID or date of visit). We will respond without undue delay.

Response Timeframes

We aim to respond to all requests within one calendar month. In complex cases, we may extend this period by up to two additional months and will inform you within one month of receipt of your request.

No Discrimination Policy

We will not deny you services, charge different prices, or provide a different quality of service because you exercised your rights under UK GDPR.

Updates and Changes

We may update this compliance page periodically to reflect changes in law or our practices. The most recent version will always be available on this page, with the effective date clearly stated.

Contact Information

If you have any questions about this compliance page or wish to lodge a complaint, please contact:

Name: Zara Wildon
Email: [email protected]
Address: University College Dublin, Belfield, Dublin 4, Ireland

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK’s independent supervisory authority for data protection. Visit ico.org.uk for more information.