Your data protection rights under EU and UK GDPR
Last updated: 1 June 2026
vivid-automata is fully committed to compliance with the General Data Protection Regulation (GDPR) and the UK GDPR. We take data protection seriously and have implemented measures to ensure your personal data is handled lawfully, fairly, and transparently.
vivid-automata acts as the data controller for personal information collected through this website and in the course of providing our services. As the data controller, we are responsible for deciding how personal data is collected, held, and used.
Contact details for data protection matters:
vivid-automata
47 Clerkenwell Road
London EC1M 5RS
United Kingdom
Email: [email protected]
We process personal data on the following legal grounds:
Where you have given clear consent for us to process your personal data for a specific purpose, such as receiving marketing communications.
Where the processing is necessary for the performance of a contract with you, such as when you book a service.
Where the processing is necessary for our legitimate interests, such as improving our services and maintaining security, provided your rights do not override those interests.
Where the processing is necessary to comply with a legal obligation to which we are subject.
Under GDPR, you have the following rights regarding your personal data:
You have the right to request a copy of the personal data we hold about you. We will provide this information free of charge within one month of your request.
You have the right to request that we correct any inaccurate personal data or complete any incomplete data.
You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purpose for which it was collected.
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.
You have the right to object to processing based on legitimate interests or direct marketing purposes.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.
Your personal data may be transferred to, and stored at, a destination outside the UK or European Economic Area (EEA). Where we transfer data outside the UK or EEA, we will ensure that appropriate safeguards are in place to protect your data, such as Standard Contractual Clauses approved by the relevant authorities.
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. The retention period varies depending on the context of the processing and our legal obligations.
We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
In the event of a personal data breach, we will notify the Information Commissioner's Office (ICO) within 72 hours of becoming aware of the breach, where feasible, unless the breach is unlikely to result in a risk to your rights and freedoms. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.
To exercise any of your rights under GDPR, please contact us at [email protected]. We will respond to your request within one month. In some cases, we may need to verify your identity before processing your request.
If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Website: ico.org.uk