GDPR Compliance

Our commitment to protecting your personal data

neurocraft-hub Ltd is committed to ensuring the security and protection of the personal information that we process, and to providing a compliant and consistent approach to data protection. This page sets out our compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller

neurocraft-hub Ltd acts as a Data Controller for the personal data we collect and process. As Data Controller, we determine the purposes and means of processing personal data.

Contact details:

  • Company: neurocraft-hub Ltd
  • Address: 47 Harrington Gardens, London SW7 4JU, United Kingdom
  • Email: [email protected]

Lawful Bases for Processing

We only process personal data when we have a lawful basis to do so. The lawful bases we rely on include:

Contractual Necessity

We process personal data where it is necessary for the performance of a contract with you. This includes processing data to deliver our styling services, manage bookings, and communicate about appointments.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Our legitimate interests include improving our services, ensuring security, and conducting business analysis.

Consent

Where we rely on consent as the lawful basis for processing, you have the right to withdraw that consent at any time. This applies to marketing communications and non-essential cookies.

Legal Obligation

We may process personal data where it is necessary for compliance with a legal obligation to which we are subject, such as tax reporting requirements.

Your Rights Under GDPR

The GDPR provides you with specific rights regarding your personal data:

Right to Be Informed

You have the right to be informed about how we collect and use your personal data. We provide this information through this page and our Privacy Policy.

Right of Access

You can request a copy of the personal data we hold about you. We will respond to your request within one month of receiving it. There is usually no charge for this service.

Right to Rectification

If you believe that any personal data we hold about you is inaccurate or incomplete, you can request that we correct or complete it. We will respond within one month.

Right to Erasure

Also known as the "right to be forgotten", you can request deletion of your personal data where there is no compelling reason for its continued processing. This right is not absolute and only applies in certain circumstances.

Right to Restrict Processing

You can request that we limit how we use your personal data in certain circumstances, such as when you contest the accuracy of the data or object to processing.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format. You can also request that we transmit your data directly to another controller where technically feasible.

Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes. If you object to direct marketing, we will stop processing your data for this purpose immediately.

Rights Related to Automated Decision-Making

You have rights relating to automated decision-making and profiling. We do not currently carry out any automated decision-making that produces legal effects or similarly significantly affects you.

Exercising Your Rights

To exercise any of your rights, please contact us at [email protected]. We may need to verify your identity before processing your request.

We aim to respond to all legitimate requests within one month. Occasionally, it may take longer if your request is particularly complex or if you have made multiple requests. In such cases, we will notify you and keep you updated.

Data Protection Principles

We adhere to the data protection principles set out in the GDPR. Personal data must be:

  • Processed lawfully, fairly, and transparently
  • Collected for specified, explicit, and legitimate purposes
  • Adequate, relevant, and limited to what is necessary
  • Accurate and kept up to date
  • Kept in a form that permits identification for no longer than necessary
  • Processed in a manner that ensures appropriate security

International Transfers

We primarily process data within the United Kingdom and European Economic Area. If we transfer personal data outside these regions, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the relevant authorities.

Data Security Measures

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data where appropriate
  • Access controls limiting who can view personal data
  • Regular testing and evaluation of security measures
  • Staff training on data protection requirements
  • Secure disposal of data when no longer needed

Data Breach Procedures

We have procedures in place to detect, report, and investigate personal data breaches. If a breach is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours of becoming aware of it. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.

Complaints

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office:

We would, however, appreciate the opportunity to address your concerns before you approach the ICO, so please contact us in the first instance.

Updates to This Information

We review our GDPR compliance regularly and may update this page to reflect any changes in our practices or legal requirements. We recommend checking this page periodically.

Further Information

For more detailed information about how we handle personal data, please refer to our Privacy Policy. For information about our use of cookies, please see our Cookies Policy.

We use cookies to enhance your browsing experience and analyse our traffic. By clicking "Accept All", you consent to our use of cookies. Read our Cookies Policy for more information.