GDPR Compliance

Last updated: 15 June 2026

Our Commitment to Data Protection

pebble-finch is committed to protecting your personal data in accordance with the UK General Data Protection Regulation and the Data Protection Act 2018.

Data Controller

pebble-finch is the data controller for personal information processed through our services.

Contact details:
Email: [email protected]
Address: Unit 7B, Parkway Business Centre, Attercliffe Common, Sheffield S9 2WE, United Kingdom

Lawful Basis for Processing

We process personal data under the following lawful bases:

• Contract Performance: Processing necessary to fulfill your booking and provide our services
• Legitimate Interests: Operating our business, improving services, and maintaining customer relationships
• Legal Obligation: Compliance with tax, accounting, and regulatory requirements
• Consent: Where you have given explicit consent for specific processing activities

Data Subject Rights

Under GDPR, you have the following rights regarding your personal data:

Right to Access

You can request a copy of the personal data we hold about you, free of charge in most cases.

Right to Rectification

You can ask us to correct inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data in certain circumstances, such as when it is no longer necessary for the purpose it was collected.

Right to Restrict Processing

You can request that we limit how we use your personal data in specific situations.

Right to Data Portability

You can request a copy of your data in a structured, commonly used format to transfer to another service provider.

Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision Making

We do not use automated decision making or profiling that produces legal or similarly significant effects.

How to Exercise Your Rights

To exercise any of these rights, contact us at [email protected] with your request. We will respond within one month of receiving your request.

You may be required to provide identification to verify your identity before we process your request.

Right to Lodge a Complaint

If you believe we have not handled your personal data appropriately, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Website: www.ico.org.uk
Telephone: 0303 123 1113

International Data Transfers

We operate within the United Kingdom and do not transfer personal data outside the UK. If circumstances change, we will implement appropriate safeguards and inform affected individuals.

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the ICO within 72 hours of becoming aware of the breach.

Data Protection Officer

For our business size and activities, we are not required to appoint a dedicated Data Protection Officer. Data protection queries should be directed to our main contact email.

Updates to This Statement

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. Updates will be posted on this page with a revised date.