Last updated: June 23, 2026
We are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable UK data protection laws. This statement explains how we comply with these regulations and outlines your rights as a data subject.
For the purposes of GDPR, the data controller is:
marsh gate
42 Kensington Park Gardens
London W11 3HD
United Kingdom
Email: [email protected]
We process your personal data based on the following legal grounds:
Under GDPR, you have the following rights regarding your personal data:
You have the right to request a copy of the personal data we hold about you. We will provide this information in a structured, commonly used format within one month of your request.
If you believe any information we hold about you is inaccurate or incomplete, you have the right to request correction.
You have the right to request deletion of your personal data in certain circumstances, such as when it is no longer necessary for the purposes for which it was collected or if you withdraw consent.
You can request that we limit how we use your personal data in specific situations, such as while we verify the accuracy of disputed information.
You have the right to receive your personal data in a structured, machine-readable format and to transmit it to another data controller.
You can object to processing of your personal data when we rely on legitimate interests as our legal basis for processing.
Where processing is based on consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
To exercise any of your GDPR rights, please contact us at [email protected] with your request. We will respond within one month, though this may be extended by two additional months for complex requests.
When submitting a request, please provide sufficient information to allow us to verify your identity and locate your data within our systems.
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:
Your personal data is primarily stored and processed within the United Kingdom and European Economic Area. If we transfer data outside these regions, we ensure appropriate safeguards are in place, such as standard contractual clauses or adequacy decisions.
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach poses a high risk to you, we will also notify you directly without undue delay.
We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on individuals.
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with the supervisory authority:
Information Commissioner's Office (ICO)
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
United Kingdom
Website: ico.org.uk
We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. We will notify you of significant changes through our website or by email where appropriate.