GDPR Compliance Information

This page provides information about how glitch-spiral complies with the General Data Protection Regulation (GDPR) in processing personal data of individuals in the European Economic Area and the United Kingdom.

Data Controller

glitch-spiral acts as data controller for personal information collected through our website and in connection with providing terminal maintenance services.

Legal Basis for Processing

We process personal data under the following legal bases:

• Contract performance: Processing necessary to provide services you have requested
• Legitimate interests: Processing necessary for our business operations, such as responding to inquiries and improving our services
• Legal obligation: Processing required to comply with applicable laws and regulations
• Consent: Where you have provided explicit consent for specific processing activities

Your Rights Under GDPR

You have the following rights regarding your personal data:

Right of Access

You have the right to request confirmation of whether we process your personal data and to obtain access to such data.

Right to Rectification

You have the right to request correction of inaccurate personal data and completion of incomplete data.

Right to Erasure

You have the right to request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.

Right to Restriction of Processing

You have the right to request that we restrict processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive personal data you provided to us in a structured, commonly used format and to transmit that data to another controller.

Right to Object

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw that consent at any time.

Exercising Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month, though this period may be extended by two additional months in complex cases.

We may require proof of identity before processing requests to exercise these rights.

Data Processing Activities

We process personal data for the following purposes:

• Processing service requests and scheduling maintenance visits
• Communicating about services and technical matters
• Maintaining service records and documentation
• Improving our website and services
• Complying with legal and regulatory requirements

Data Retention

Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected or as required by law. Service records are maintained for the duration of our business relationship and for a period afterwards as required by applicable regulations.

International Data Transfers

Personal data is primarily processed and stored within the United Kingdom. If data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place to protect your data in accordance with GDPR requirements.

Automated Decision Making

We do not use automated decision making or profiling that produces legal effects or similarly significant effects on individuals.

Right to Lodge a Complaint

If you believe our processing of your personal data violates data protection law, you have the right to lodge a complaint with the UK Information Commissioner's Office or the supervisory authority in your jurisdiction.

Data Security

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including measures to protect against unauthorised or unlawful processing and against accidental loss, destruction or damage.

Updates to This Information

This GDPR information may be updated from time to time. Material changes will be communicated through our website.