GDPR Compliance

Our commitment to protecting your data rights under UK GDPR

Data Protection Principles

Lumen Structures processes personal data in accordance with UK GDPR and the Data Protection Act 2018. We adhere to the following principles:

  • Lawfulness, fairness, and transparency in all data processing
  • Purpose limitation: data collected for specified, legitimate purposes
  • Data minimization: only collecting necessary information
  • Accuracy: keeping personal data up to date
  • Storage limitation: retaining data only as long as necessary
  • Integrity and confidentiality: ensuring appropriate security

Your Data Protection Rights

Under UK GDPR, you have comprehensive rights regarding your personal data:

Right to Be Informed

You have the right to clear information about how we collect and use your personal data. This information is provided in our Privacy Policy and at the point of data collection.

Right of Access

You can request a copy of the personal data we hold about you. We will provide this within one month of your request, free of charge in most cases.

Right to Rectification

If your personal data is inaccurate or incomplete, you have the right to have it corrected. We will update our records promptly upon notification.

Right to Erasure

Also known as the "right to be forgotten," you can request deletion of your personal data in certain circumstances, such as when it's no longer necessary for the purpose it was collected.

Right to Restrict Processing

You can request that we limit how we use your data if you contest its accuracy, object to processing, or if processing is unlawful but you don't want data erased.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used format and transmit it to another data controller.

Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we have compelling legitimate grounds that override your interests.

Rights Related to Automated Decision Making

You have the right not to be subject to decisions based solely on automated processing that significantly affect you. We do not engage in automated decision-making for our pension advisory services.

How to Exercise Your Rights

To exercise any of your data protection rights, please contact us:

  • Email: [email protected]
  • Post: 47 Kingsway Boulevard, Cheltenham, GL50 2PF, United Kingdom

We will respond to your request within one month. If your request is complex, we may extend this period by two additional months and will inform you of the extension.

Data Controller Information

Lumen Structures is the data controller responsible for your personal data. Our contact details are:

Company Name: Lumen Structures
Address: 47 Kingsway Boulevard, Cheltenham, GL50 2PF, United Kingdom
Email: [email protected]

Data Protection Officer

For matters specifically related to data protection, you can contact our Data Protection Officer at [email protected].

Data Security Measures

We implement robust security measures to protect your personal data:

  • Encryption of data in transit and at rest
  • Regular security audits and penetration testing
  • Access controls limiting data access to authorized personnel
  • Staff training on data protection and security
  • Incident response procedures for data breaches

Data Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify you and the Information Commissioner's Office (ICO) within 72 hours of becoming aware of the breach.

International Data Transfers

We primarily process data within the United Kingdom. If we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

Complaints

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

ICO Website: www.ico.org.uk
Helpline: 0303 123 1113
Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Updates to GDPR Compliance

We regularly review our data protection practices to ensure ongoing compliance with UK GDPR. Any material changes will be communicated through our website and, where appropriate, directly to affected individuals.