GDPR Compliance

Your data protection rights and our compliance with UK GDPR.

Last updated: 1 January 2026

zenith-glide Ltd is committed to protecting your personal data and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page provides detailed information about your rights and our obligations under data protection law.

Our Role and Responsibilities

zenith-glide Ltd acts as a data controller for the personal information we collect about you. This means we determine the purposes and means of processing your personal data. Our contact details are:

zenith-glide Ltd
47 Charter Row
Sheffield, S1 2EX
Email: [email protected]
ICO Registration: ZA482917

We are registered with the Information Commissioner's Office (ICO), the UK's independent authority set up to uphold information rights.

Data Protection Principles

We adhere to the core principles of UK GDPR. Personal data must be:

Lawful Bases for Processing

UK GDPR requires us to have a lawful basis for processing personal data. Depending on the circumstances, we rely on the following:

Contract

Processing is necessary to fulfil our contractual obligations to you. When you engage our services, we need to process your data to deliver those services effectively.

Legal Obligation

Processing is necessary to comply with UK law. As financial service providers, we have obligations under tax law, anti-money laundering regulations, and other statutory requirements.

Legitimate Interests

Processing is necessary for our legitimate business interests, provided these don't override your rights. We've conducted assessments to ensure our legitimate interests are balanced against your privacy rights.

Consent

Where we process data based on your consent (such as marketing communications), you can withdraw that consent at any time without affecting the lawfulness of processing before withdrawal.

Your Rights Under UK GDPR

UK GDPR provides you with specific rights regarding your personal data:

Right to Be Informed

You have the right to know how we collect and use your personal data. Our Privacy Policy and this GDPR page provide this information.

Right of Access

You can request a copy of the personal data we hold about you. This is known as a Subject Access Request (SAR). We will respond within one month and provide the information free of charge in most circumstances.

Right to Rectification

If any personal data we hold is inaccurate or incomplete, you have the right to have it corrected. We will respond within one month.

Right to Erasure

Also known as the "right to be forgotten," you can request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for its original purpose. Note that legal and regulatory requirements may require us to retain certain data.

Right to Restrict Processing

You can request that we limit how we use your data. This applies while we verify accuracy of contested data, if processing is unlawful but you don't want deletion, if we no longer need the data but you need it for legal claims, or while we consider an objection you've raised.

Right to Data Portability

Where processing is based on consent or contract and carried out by automated means, you have the right to receive your data in a commonly used, machine-readable format and have it transferred to another controller.

Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes. For direct marketing, we will stop processing immediately. For other purposes, we will stop unless we can demonstrate compelling legitimate grounds.

Rights Related to Automated Decision Making

You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not currently use automated decision-making of this nature.

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: [email protected]
Post: zenith-glide Ltd, 47 Charter Row, Sheffield, S1 2EX

We may need to verify your identity before processing your request. We will respond to most requests within one month. If your request is complex or we receive many requests, we may extend this by up to two additional months, but we will let you know within the first month.

Data Security Measures

We have implemented comprehensive security measures to protect your personal data:

Data Breach Procedures

In the event of a personal data breach, we have procedures in place to:

International Transfers

We primarily process data within the United Kingdom. If we transfer data outside the UK, we ensure appropriate safeguards are in place as required by UK GDPR, such as standard contractual clauses or transfers to countries with adequacy decisions.

Children's Data

Our services are not directed at children under 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

Changes to This Information

We may update this GDPR information from time to time. Significant changes will be communicated via our website. The date at the top shows when this page was last revised.

Complaints

If you believe we have not complied with your data protection rights, you have the right to lodge a complaint with the Information Commissioner's Office:

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113
Website: ico.org.uk

However, we would appreciate the opportunity to address your concerns before you approach the ICO. Please contact us first and we will do our best to resolve the matter.

Further Information

For more details about how we handle your personal data, please read our full Privacy Policy. For information about our use of cookies, see our Cookies Policy.

We use cookies to improve your experience on our website. Some are essential for site functionality, while others help us understand how you use our services.