GDPR Compliance
Your data protection rights under UK GDPR
Last Updated: January 1, 2024
1. What is UK GDPR?
The UK General Data Protection Regulation (UK GDPR) is the UK's data protection law that came into effect on January 1, 2021. It provides enhanced protection for personal data and gives individuals greater control over how their information is used.
2. Your Data Protection Rights
Under UK GDPR, you have the following rights regarding your personal data:
Right of Access
You have the right to request copies of your personal data that we hold. This includes information about how we process your data and why.
Right to Rectification
You can request that we correct any inaccurate or incomplete personal data we hold about you.
Right to Erasure
You can request that we delete your personal data in certain circumstances, such as when it's no longer necessary for the original purpose.
Right to Restrict Processing
You can request that we limit how we use your personal data in certain situations.
Right to Data Portability
You can request that we provide your personal data in a structured, commonly used format so you can transfer it to another service.
Right to Object
You can object to us processing your personal data for certain purposes, such as direct marketing or legitimate interests.
3. How to Exercise Your Rights
To exercise any of your data protection rights, please contact us using the information provided at the bottom of this page. We will respond to your request within one month of receipt.
Request Process:
- Submit Your Request: Contact us with details of your request
- Identity Verification: We may need to verify your identity to protect your data
- Response: We will respond within 30 days (or 60 days for complex requests)
- No Charge: Most requests are free, though we may charge a reasonable fee for excessive requests
4. Data Processing Lawful Basis
We process your personal data under the following lawful bases as defined by UK GDPR:
5. Data Protection Impact Assessments
We conduct Data Protection Impact Assessments (DPIAs) for high-risk processing activities, including:
- Age verification systems
- Automated decision-making processes
- Large-scale data processing operations
- Processing of special category data
6. Data Breach Procedures
In the event of a personal data breach, we have procedures in place to:
- Detect and assess the breach within 24 hours
- Report to the ICO within 72 hours if required
- Notify affected individuals within 72 hours if high risk
- Document all breaches and remedial actions taken
7. International Data Transfers
When we transfer your data outside the UK, we ensure appropriate safeguards are in place:
- Adequacy Decisions: Countries deemed adequate by the UK government
- Standard Contractual Clauses: EU-approved contract terms
- Binding Corporate Rules: Internal data protection policies
- Certification Schemes: Approved certification mechanisms
8. Data Protection Officer
We have appointed a Data Protection Officer (DPO) to oversee our GDPR compliance:
Email: dpo@lyckyslotsuk.com
Phone: +44 20 1234 5678
Address: Lucky Slots UK, Data Protection Officer, London, United Kingdom
9. Supervisory Authority
You have the right to lodge a complaint with the UK's data protection supervisory authority:
Information Commissioner's Office (ICO)
Website: ico.org.uk
Helpline: 0303 123 1113
Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
10. Updates to This Information
We may update this GDPR information from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes and update the "Last Updated" date.
11. Contact Us
If you have any questions about your data protection rights or our GDPR compliance, please contact us:
Email: privacy@lyckyslotsuk.com
Phone: +44 20 1234 5678
Address: Lucky Slots UK, London, United Kingdom