GDPR Compliance

Last updated: May 26, 2026

Our Commitment to GDPR

silver-outlook is committed to full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take your data protection rights seriously and have implemented policies and procedures to ensure your personal information is handled lawfully, fairly, and transparently.

Data Controller Information

Data Controller: silver-outlook
Address: 42 Cathedral Road, Cardiff, CF11 9LJ, United Kingdom
Email: [email protected]

Lawful Basis for Processing

We process personal data under the following lawful bases as defined in Article 6 of UK GDPR:

  • Performance of a contract (Article 6(1)(b)): When you enroll in our programmes, we process your data to fulfill our contractual obligations.
  • Consent (Article 6(1)(a)): For marketing communications and certain optional data processing activities, we rely on your explicit consent.
  • Legitimate interests (Article 6(1)(f)): For business operations, website analytics, and service improvement, where such processing does not override your fundamental rights.
  • Legal obligation (Article 6(1)(c)): To comply with legal and regulatory requirements, such as financial record-keeping.

Your GDPR Rights

Under UK GDPR, you have the following rights regarding your personal data:

Right to Access (Article 15)

You have the right to request confirmation of whether we process your personal data and to obtain a copy of that data. We will provide this information within one month of your request, free of charge.

Right to Rectification (Article 16)

If your personal data is inaccurate or incomplete, you have the right to have it corrected or completed.

Right to Erasure (Article 17)

Also known as the "right to be forgotten," you may request deletion of your personal data when:

  • The data is no longer necessary for the purposes it was collected
  • You withdraw consent and there is no other legal basis for processing
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed

Right to Restriction of Processing (Article 18)

You may request that we limit the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to processing.

Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

Right to Object (Article 21)

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision Making (Article 22)

We do not engage in automated decision-making or profiling that produces legal or similarly significant effects.

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us:

Email: [email protected]
Subject line: "GDPR Rights Request"

Please include:

  • Your full name and contact information
  • Details of the specific right you wish to exercise
  • Any relevant information to help us locate your data

We will respond to your request within one month. In complex cases, we may extend this by an additional two months and will inform you of any such extension.

Data Protection Principles

In accordance with Article 5 of UK GDPR, we ensure that personal data is:

  • Processed lawfully, fairly, and transparently: We are open about how we use your data
  • Collected for specified, explicit, and legitimate purposes: We only collect data for clear reasons
  • Adequate, relevant, and limited: We collect only what is necessary
  • Accurate and kept up to date: We take reasonable steps to ensure data accuracy
  • Kept no longer than necessary: We have retention schedules and delete data when no longer needed
  • Processed securely: We use appropriate technical and organizational measures to protect your data

Data Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls limiting who can view personal data
  • Staff training on data protection and security
  • Secure backup and recovery procedures

Data Breach Procedures

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will:

  • Notify the Information Commissioner's Office (ICO) within 72 hours of becoming aware of the breach
  • Notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms
  • Document all data breaches, regardless of whether notification is required

International Data Transfers

We do not routinely transfer personal data outside the United Kingdom. If such transfers become necessary, we will ensure appropriate safeguards are in place as required by Chapter V of UK GDPR.

Children's Data

While our services are designed for children and teenagers, we collect personal information only from parents or legal guardians. Where we process data of individuals under 18, we take extra care to ensure compliance with data protection requirements, particularly regarding consent and transparency.

Third-Party Processing

When we engage third-party service providers who process personal data on our behalf, we:

  • Enter into written data processing agreements as required by Article 28 of UK GDPR
  • Ensure processors provide sufficient guarantees regarding security and compliance
  • Monitor processor compliance with data protection obligations

Updates to This Information

We may update this GDPR compliance information from time to time to reflect changes in our practices or legal requirements. Significant changes will be communicated to individuals whose data we process.

Supervisory Authority

You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not complied with UK GDPR:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF

Website: silver-outlook.com
Helpline: 0303 123 1113

Questions and Contact

If you have questions about our GDPR compliance or data protection practices, please contact us:

Email: [email protected]
Address: 42 Cathedral Road, Cardiff, CF11 9LJ, United Kingdom