Your data protection rights under the General Data Protection Regulation
Last Updated: 1 January 2024
glade-verse Culinary Academy is committed to protecting your personal data and respecting your privacy rights. We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
glade-verse Culinary Academy is the data controller responsible for your personal data.
Contact Details:
glade-verse Culinary Academy
47 Culinary Lane
London, EC2A 4PQ
United Kingdom
Email: [email protected]
Under the GDPR, you have the following rights regarding your personal data:
You have the right to know how your personal data is being collected and used. This information is provided in our Privacy Policy and this GDPR notice.
You have the right to request a copy of the personal data we hold about you. This is commonly known as a "Subject Access Request." We will respond to your request within one month.
You have the right to request that we correct any personal data you believe is inaccurate or complete any information you believe is incomplete.
You have the right to request that we erase your personal data in certain circumstances, including:
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to processing.
You have the right to request that we transfer the personal data you provided to us to another organisation, or directly to you, in a structured, commonly used, machine-readable format.
You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes. If you object to direct marketing, we will stop processing your data for that purpose immediately.
You have the right not to be subject to decisions based solely on automated processing that produce legal effects or significantly affect you. We do not currently use automated decision-making processes.
To exercise any of these rights, please contact us at:
Email: [email protected]
Subject line: "GDPR Request - [Your Request Type]"
We may need to verify your identity before processing your request. We will respond to your request within one month. If your request is complex, we may extend this by a further two months, but we will inform you of this within the first month.
We process your personal data based on one or more of the following legal bases:
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Our retention periods are:
We primarily store and process data within the United Kingdom. If we transfer data outside the UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours. If the breach is likely to result in a high risk to you, we will also notify you directly.
If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire, SK9 5AF
Website: ico.org.uk
We may update this GDPR notice from time to time. Any changes will be posted on this page with an updated revision date.