GDPR & data protection

Purpose

This page summarises how Fflam aligns with UK GDPR and the Data Protection Act 2018 in plain language. It supplements our Privacy policy and does not replace it.

Principles

We aim to process personal data lawfully, fairly, and transparently; collect only what we need; keep it accurate; store it only as long as necessary; and protect it with appropriate security.

Your rights

Subject to exemptions, you may have the right to: access your data; correct inaccuracies; request erasure; restrict processing; object to certain processing; and receive a portable copy of data you provided where processing is automated and based on consent or contract.

To make a request, email bookings@fflam.wales. We will respond within one month in most cases (extensions may apply for complex requests).

Complaints

You may complain to the Information Commissioner’s Office (ICO) if you believe we have mishandled your data: ico.org.uk.

Processors

We use trusted processors (e.g. website host) under written terms requiring them to protect data and process it only on our instructions.

Breaches

If a personal data breach occurs that is likely to risk your rights, we will notify the ICO and affected individuals where required by law.

Updates

We review this statement periodically. Last updated aligns with the date shown on this page.