UK GDPR

  • Nov, 7 2024

UK GDPR Compliance

Retallack Retreats is committed to respecting your data protection rights under the UK General Data Protection Regulation (UK GDPR). This page explains how we comply with your rights as a data subject, even though we do not store personal data through user registration or databases.

Scope and Applicability

The UK GDPR applies to the processing of personal data of individuals in the UK. While Retallack Retreats does not collect personal information through accounts or forms, we may process limited personal data automatically through website analytics, server logs, and cookies to improve user experience and site functionality.

Your Rights Under UK GDPR

Under the UK GDPR, you have the following rights:

  • Right of access – to know what personal data we hold about you
  • Right to rectification – to correct inaccurate data
  • Right to erasure – to request deletion of your data
  • Right to restrict processing – to limit how your data is used
  • Right to data portability – to receive your data in a structured format
  • Right to object – to object to processing based on legitimate interest
  • Right to withdraw consent – where consent is the legal basis

How We Comply

We do not maintain user profiles, databases, or personally identifiable information collected through registration. Any personal data collected is limited to:

  • IP addresses (anonymised in analytics)
  • Cookies for site functionality and performance
  • Server logs for security and technical maintenance

We use third-party analytics tools (e.g., Google Analytics) with IP anonymisation enabled and do not link data to identifiable individuals.

Data We Process

The only personal data we process includes:

  • Non-identifiable browsing data via cookies
  • Anonymous aggregated usage statistics
  • Server logs containing IP addresses (automatically deleted after 30 days)

No names, email addresses, phone numbers, or payment details are stored on our servers.

Legal Basis for Processing

We rely on legitimate interest as the legal basis for processing, including:

  • Ensuring website security and performance
  • Improving user experience through analytics
  • Maintaining technical functionality

We do not process sensitive personal data, nor do we engage in profiling or automated decision-making.

How to Exercise Your Rights

To exercise any of your rights under UK GDPR, please contact us by email at [email protected]. Include your full name, the right you wish to exercise, and any relevant details (e.g., browser or device information if applicable). We will respond without undue delay.

Response Timeframes

We are required to respond to your request within one month. If your request is complex or numerous, we may extend this period by up to two additional months and will inform you within one month of receipt.

No Discrimination Policy

You will not be denied services, charged different prices, or receive a different quality of service because you exercised your rights under UK GDPR.

Updates and Changes

We may update this page periodically to reflect changes in law or our practices. Any updates will be posted here with the effective date. We recommend reviewing this page occasionally.

Contact Information

If you have any questions, concerns, or wish to lodge a complaint regarding your data rights, please contact:

Elara Thistlewood
1234 Burrard St, Vancouver, BC V6Z 1Y6, Canada
[email protected]

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO): ico.org.uk.