GDPR Compliance

Last Updated: May 10, 2026

Our Commitment to GDPR

breeze-cipher is committed to complying with the General Data Protection Regulation (GDPR) and protecting the privacy rights of individuals in the European Union and the United Kingdom.

This page outlines how we comply with GDPR principles and your rights as a data subject.

Data Controller

breeze-cipher acts as the data controller for personal information collected through our website and services.

Contact Details:
breeze-cipher Financial Solutions
42 Kingsway Boulevard
Manchester, M20 4TH
United Kingdom
Email: [email protected]

Lawful Basis for Processing

We process personal data only when we have a lawful basis to do so. Our lawful bases include:

  • Consent: You have given clear consent for us to process your personal data for a specific purpose.
  • Contract: Processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
  • Legal Obligation: Processing is necessary for us to comply with the law.
  • Legitimate Interests: Processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those legitimate interests.

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

1. The Right to Be Informed

You have the right to be informed about the collection and use of your personal data. This information is provided in our Privacy Policy.

2. The Right of Access

You have the right to access your personal data and receive information about how we process it.

3. The Right to Rectification

You have the right to have inaccurate personal data corrected or completed if it is incomplete.

4. The Right to Erasure

Also known as "the right to be forgotten," you have the right to request the deletion or removal of your personal data where there is no compelling reason for its continued processing.

5. The Right to Restrict Processing

You have the right to request the restriction of processing of your personal data in certain circumstances.

6. The Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and have the right to transmit that data to another controller.

7. The Right to Object

You have the right to object to the processing of your personal data in certain circumstances, including processing for direct marketing purposes.

8. Rights Related to Automated Decision Making and Profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at:

Email: [email protected]
Subject: GDPR Rights Request

We will respond to your request within one month of receipt. In some cases, this period may be extended by two further months where necessary, taking into account the complexity and number of requests. We will inform you of any such extension within one month of receipt of your request.

Data Security

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data
  • Regular security assessments
  • Access controls and authentication
  • Staff training on data protection
  • Regular backups and disaster recovery procedures

Data Breach Notification

In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you without undue delay.

International Data Transfers

We primarily process data within the United Kingdom. If we transfer personal data outside the UK or EEA, we ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by the European Commission
  • Adequacy decisions
  • Binding corporate rules

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • To provide our services to you
  • To comply with legal, accounting, or reporting requirements
  • To resolve disputes and enforce our agreements

When determining retention periods, we consider the nature and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, and applicable legal requirements.

Children's Privacy

Our services are not directed to children under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16 without parental consent, we will take steps to delete that information.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, in particular in the EU member state or UK country of your habitual residence, place of work, or place of the alleged infringement if you believe our processing of your personal data violates GDPR.

UK Supervisory Authority:
Information Commissioner's Office (ICO)
Website: https://breeze-cipher.com

Updates to This Policy

We may update this GDPR compliance page from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website.

Contact Us

If you have any questions about our GDPR compliance or data protection practices, please contact us:

Email: [email protected]
Address: 42 Kingsway Boulevard, Manchester, M20 4TH, United Kingdom