General Data Protection Regulation statement.
twinkle-vault complies with UK GDPR and Data Protection Act requirements when processing personal data.
Data controller
twinkle-vault, United Kingdom.
Purpose of processing
We process personal data to respond to enquiries, deliver contracted services, and maintain professional records for service delivery.
Lawful basis
Legitimate interests, contractual necessity, and consent where required for optional analytics.
Your rights
Access and portability
You can request access to your personal data and receive it in a portable format.
Correction and deletion
You can request corrections or erasure where there is no lawful basis to keep data.
Objection and restriction
You can object to processing or request restrictions in certain circumstances.
Data transfers and safeguards
If data is transferred outside the UK, we use contractual safeguards and providers that meet regulatory requirements.
Data retention
We retain data only for the duration needed to deliver services and meet legal obligations.
Raising a concern
Contact our privacy team at [email protected]. You may also lodge a complaint with the Information Commissioner's Office if needed.