GDPR Compliance
Our commitment to data protection under the UK General Data Protection Regulation
Last updated: June 2026
Our Commitment to Data Protection
clearpeak-service is committed to processing personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page provides an overview of how we meet our obligations under these regulations.
Data Controller Information
clearpeak-service acts as the data controller for personal information collected through this website and in connection with our ecological consulting services.
Contact details:
clearpeak-service
47 Greenwood Business Centre
Bristol BS8 4HW
United Kingdom
Email: [email protected]
Principles of Data Processing
We adhere to the core principles of the UK GDPR in all our data processing activities:
Lawfulness, Fairness, and Transparency
We process personal data lawfully and fairly, providing clear information about how we use your data through our privacy notices and this compliance documentation.
Purpose Limitation
We collect personal data for specified, explicit, and legitimate purposes. We do not process data in ways incompatible with these purposes without additional consent or legal justification.
Data Minimisation
We collect only the personal data that is necessary for the purposes for which it is processed. We regularly review our data collection practices to ensure ongoing compliance with this principle.
Accuracy
We take reasonable steps to ensure that personal data is accurate and kept up to date. We encourage individuals to inform us of any changes to their information.
Storage Limitation
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law or professional obligations.
Integrity and Confidentiality
We implement appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing and against accidental loss, destruction, or damage.
Your Data Subject Rights
Under the UK GDPR, you have the following rights in relation to your personal data:
Right of Access
You have the right to obtain confirmation of whether we process your personal data and to access that data. You may request a copy of your personal data by contacting us.
Right to Rectification
You have the right to request correction of inaccurate personal data and to have incomplete data completed.
Right to Erasure
In certain circumstances, you have the right to request deletion of your personal data. This right is not absolute and applies only in specific situations defined by law.
Right to Restrict Processing
You may request restriction of processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
Right to Data Portability
Where processing is based on consent or contract and carried out by automated means, you have the right to receive your personal data in a structured, commonly used, machine-readable format.
Right to Object
You have the right to object to processing of your personal data based on legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests.
Rights Related to Automated Decision-Making
You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not currently engage in such automated decision-making.
Exercising Your Rights
To exercise any of your data subject rights, please contact us using the details provided above. We will respond to your request within one month of receipt. In complex cases, this period may be extended by a further two months, in which case we will inform you of the extension and the reasons for it.
We may request verification of your identity before processing your request to protect your personal data.
Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to individuals' rights and freedoms, we will notify the Information Commissioner's Office within 72 hours of becoming aware of the breach. Where a breach is likely to result in a high risk to affected individuals, we will also notify those individuals directly.
International Data Transfers
We primarily process personal data within the United Kingdom. Where we transfer personal data to countries outside the UK, we ensure appropriate safeguards are in place in accordance with UK GDPR requirements.
Complaints
If you are dissatisfied with how we have handled your personal data or responded to a rights request, you have the right to lodge a complaint with the Information Commissioner's Office:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Website: ico.org.uk
Policy Updates
We review our data protection practices regularly and may update this compliance information accordingly. Significant changes will be communicated through appropriate channels.