GDPR Compliance

Last updated: May 19, 2026

Our Commitment to GDPR

silent-zephyr is committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR). This page outlines how we handle your data in accordance with GDPR requirements.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: You have given clear consent for us to process your personal data for specific purposes
  • Contract: Processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
  • Legal obligation: Processing is necessary for us to comply with the law
  • Legitimate interests: Processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those interests

Your GDPR Rights

Under the GDPR, you have the following rights regarding your personal data:

Right to Access

You have the right to request copies of your personal data. We may charge a small fee for this service if the request is manifestly unfounded or excessive.

Right to Rectification

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

Right to Erasure

You have the right to request that we erase your personal data, under certain conditions.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data, under certain conditions.

Right to Object to Processing

You have the right to object to our processing of your personal data, under certain conditions.

Right to Data Portability

You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at:

Email: [email protected]
Address: 42 Redchurch Street, Shoreditch, London E2 7DP, United Kingdom

We will respond to your request within one month of receipt. In certain circumstances, we may extend this period by a further two months, in which case we will inform you of the reason for the delay.

Data Protection Officer

For questions about how we handle your personal data or to make a complaint, you can contact our Data Protection Officer at [email protected].

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement if you believe that the processing of your personal data infringes the GDPR.

In the United Kingdom, the supervisory authority is:

Information Commissioner's Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Website: ico.org.uk

Data Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Pseudonymization and encryption of personal data
  • Ensuring ongoing confidentiality, integrity, availability, and resilience of processing systems
  • Regular testing, assessment, and evaluation of the effectiveness of technical and organizational measures
  • A process for regularly testing and evaluating the effectiveness of security measures

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you without undue delay, and where feasible, within 72 hours of becoming aware of the breach.

International Data Transfers

We primarily store and process data within the United Kingdom and European Economic Area. If we transfer your personal data outside of the EEA, we ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by the European Commission
  • Adequacy decisions recognizing that a country provides adequate protection
  • Binding corporate rules

Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.

Updates to This Policy

We may update this GDPR compliance statement from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last updated" date.

Contact Information

For any questions regarding our GDPR compliance or to exercise your rights, please contact:

silent-zephyr
42 Redchurch Street
Shoreditch, London E2 7DP
United Kingdom
Email: [email protected]