GDPR

GDPR and UK data protection commitments

iridescent-shore is committed to handling personal data in line with the UK General Data Protection Regulation and Data Protection Act. This page outlines our role as a data controller and your rights.

Data controller details

iridescent-shore determines how and why personal data is processed for benefit support services.

Contact for data protection

Email [email protected] for GDPR-related requests or questions.

Categories of data processed

We process personal data relevant to benefit applications, such as contact details and case documentation. When sensitive data is required, it is handled with additional safeguards.

Identity and contact

Name, email, and related communication details.

Case documentation

Benefit history, supporting letters, and evidence summaries.

Special category data

Health-related information shared for eligibility decisions.

Your GDPR rights

You can exercise your GDPR rights at any time. We respond to requests within one month, unless complexity requires an extension.

Right of access

Receive a copy of the personal data we hold about you.

Right to rectification

Correct inaccurate or incomplete information.

Right to erasure

Request deletion where no legal obligation applies.

Right to restrict

Limit processing while we review or update information.

Right to object

Object to processing based on legitimate interests.

Right to portability

Receive your data in a structured, commonly used format.

International transfers

We store data within the United Kingdom. If international transfers become necessary, we will use appropriate safeguards and inform you.

Data security

We maintain access controls, secure storage, and regular audits to protect personal information.