GDPR Compliance

Last updated: January 2024

proactive-bridge Ltd is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page provides additional information about how we handle personal data in accordance with these regulations.

Who We Are

proactive-bridge Ltd acts as the data controller for personal information collected through our website and services. This means we determine the purposes and means of processing your personal data.

Company: proactive-bridge Ltd
Address: Unit 14, Riverside Business Centre, Battersea Park Road, London SW11 4NP
Email: [email protected]

Data Protection Principles

We adhere to the following principles when processing personal data:

  • Lawfulness, fairness, and transparency: We process data lawfully and tell you clearly how we use it
  • Purpose limitation: We collect data for specified, explicit purposes and do not process it incompatibly with those purposes
  • Data minimisation: We only collect data that is adequate, relevant, and limited to what is necessary
  • Accuracy: We take reasonable steps to ensure data is accurate and kept up to date
  • Storage limitation: We keep data only as long as necessary for the purposes for which it was collected
  • Integrity and confidentiality: We process data securely using appropriate technical and organisational measures
  • Accountability: We can demonstrate compliance with these principles

Your Rights Under UK GDPR

As a data subject, you have the following rights:

Right to Be Informed

You have the right to know how your data is being used. Our Privacy Policy and this page provide this information.

Right of Access

You can request a copy of the personal data we hold about you. This is known as a Subject Access Request (SAR). We will respond within one month of receiving your request.

Right to Rectification

If your personal data is inaccurate or incomplete, you have the right to have it corrected. We will make corrections within one month of your request.

Right to Erasure

Also known as the "right to be forgotten", you can request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purpose it was collected.

Right to Restrict Processing

You can request that we limit how we use your data while concerns are being investigated or verified.

Right to Data Portability

Where technically feasible, you can request your data in a structured, commonly used, machine-readable format to transfer to another service provider.

Right to Object

You can object to certain types of processing, including processing for direct marketing purposes.

Rights Related to Automated Decision-Making

You have rights regarding automated decisions that significantly affect you. We do not currently use automated decision-making that has legal or similarly significant effects.

How to Exercise Your Rights

To exercise any of these rights, please contact us via email at [email protected]. To protect your privacy, we may need to verify your identity before processing your request.

We do not charge a fee for most requests. However, if your request is clearly unfounded or excessive, we may charge a reasonable administrative fee or refuse to act on the request.

Special Category Data

As a fitness coaching business, we may process health-related information which is classified as special category data under UK GDPR. We process this data based on your explicit consent, which you provide when completing our health questionnaires. You may withdraw this consent at any time, though this may affect our ability to provide certain services safely.

Data Transfers

We primarily store and process data within the United Kingdom. If we need to transfer data outside the UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

Data Retention

We retain personal data only for as long as necessary:

  • Client records: Retained for 7 years after the end of our business relationship for legal and insurance purposes
  • Health information: Retained for 7 years after the end of our business relationship
  • Marketing contacts: Retained until you unsubscribe or request removal
  • Website analytics: Typically retained for up to 26 months

Data Breaches

We have procedures in place to detect, report, and investigate personal data breaches. If a breach is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours and, where required, notify affected individuals without undue delay.

Staff Training

All our staff who handle personal data receive appropriate training on data protection responsibilities and the importance of keeping your information secure.

Complaints

If you believe we have not handled your data correctly or you are not satisfied with how we have responded to a request, you have the right to complain to the supervisory authority:

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Website: ico.org.uk
Helpline: 0303 123 1113

We would, however, appreciate the opportunity to address your concerns before you approach the ICO. Please contact us first so we can try to resolve the matter directly.

Updates to This Information

We review our data protection practices regularly and may update this page to reflect changes. Please check back periodically for any updates.

Further Information

For more detailed information about how we collect and use your personal data, please refer to our Privacy Policy. For information about cookies, see our Cookies Policy.