GDPR Compliance

Overview

slick-paint is committed to compliance with the General Data Protection Regulation (GDPR) and respecting the data protection rights of individuals in the European Economic Area and United Kingdom. This page outlines how we fulfill our obligations under GDPR.

Data Controller

slick-paint acts as the data controller for personal information collected through our website and services. We are responsible for determining the purposes and means of processing your personal data.

Lawful Basis for Processing

We process personal data under the following lawful bases:

• Contract Performance: Processing necessary to provide services you have requested
• Legitimate Interest: Processing necessary for our legitimate business operations, balanced against your rights
• Consent: Where you have explicitly agreed to specific processing activities
• Legal Obligation: Processing required to comply with applicable laws

Your Rights Under GDPR

Right to Access

You have the right to request confirmation of whether we process your personal data and to obtain a copy of that data.

Right to Rectification

You may request correction of inaccurate or incomplete personal data we hold about you.

Right to Erasure

You may request deletion of your personal data in certain circumstances, including when data is no longer necessary for the purposes collected or when you withdraw consent.

Right to Restriction of Processing

You may request that we limit how we use your personal data in specific situations, such as while accuracy is being verified.

Right to Data Portability

Where processing is based on consent or contract and carried out by automated means, you may request to receive your data in a structured, commonly used format or have it transmitted to another controller.

Right to Object

You may object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we demonstrate compelling legitimate grounds.

Rights Related to Automated Decision Making

We do not engage in automated decision-making or profiling that produces legal or similarly significant effects.

Exercising Your Rights

To exercise any of these rights, contact us at [email protected] with sufficient detail to identify you and specify your request. We will respond within one month, though complex requests may require up to three months with appropriate notification.

Data Protection Officer

For data protection inquiries, you may contact us at the email address above. We take all privacy concerns seriously and will investigate and respond appropriately.

International Data Transfers

Personal data is primarily stored and processed within the United Kingdom. If data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place, such as standard contractual clauses or adequacy decisions.

Data Breach Notification

In the event of a data breach likely to result in high risk to your rights and freedoms, we will notify affected individuals without undue delay and inform relevant supervisory authorities as required by law.

Children's Privacy

Our services are not directed at children under 16. We do not knowingly collect personal data from children. If we become aware such data has been collected, we will take steps to delete it.

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates GDPR. In the United Kingdom, the relevant authority is the Information Commissioner's Office (ICO).

Updates to This Statement

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. Material changes will be communicated appropriately.

Contact Information

For GDPR-related inquiries or to exercise your rights:

Email: [email protected]
Address: 47 Meadowbrook Lane, Cheltenham, Gloucestershire GL50 3QR, United Kingdom