GDPR Compliance

Your rights under data protection legislation and how we uphold them.

Last updated: 1 March 2026

laser-shadow Culinary Education Ltd is fully committed to compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page outlines how we meet our obligations and how you can exercise your rights.

Our Commitment

We take data protection seriously and have implemented comprehensive measures to ensure your personal information is handled lawfully, fairly, and transparently. Our approach to data protection is built into our business processes from the ground up.

Data Controller Information

laser-shadow Culinary Education Ltd acts as the data controller for personal information collected through our website and services.

  • Company Name: laser-shadow Culinary Education Ltd
  • Registered Number: 09847231
  • Address: 47 Harbour Lane, Bristol BS1 4QN
  • Contact Email: [email protected]

Your Rights Under GDPR

The GDPR provides you with specific rights regarding your personal data. We are committed to facilitating the exercise of these rights.

Right to Access

You have the right to obtain confirmation that we are processing your personal data and to receive a copy of that data. We will respond to access requests within one month of receipt.

Right to Rectification

If any personal data we hold about you is inaccurate or incomplete, you have the right to have it corrected. Contact us with the correct information and we will update our records promptly.

Right to Erasure

Also known as the "right to be forgotten", you can request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for its original purpose or when you withdraw consent.

Right to Restrict Processing

You can ask us to limit how we use your data while disputes about accuracy are resolved, or where processing is unlawful but you prefer restriction over erasure.

Right to Data Portability

Where technically feasible, you can request your personal data in a structured, commonly used format to transfer to another service provider.

Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we can demonstrate compelling legitimate grounds.

Rights Related to Automated Decision-Making

We do not use automated decision-making or profiling that produces legal or similarly significant effects on individuals.

Exercising Your Rights

To exercise any of these rights, please contact us at [email protected] with your request. To protect your privacy and security, we may need to verify your identity before processing your request.

We will respond to all legitimate requests within one month. If your request is particularly complex or you have made multiple requests, we may extend this period by two months, but we will inform you of any extension within the initial month.

Lawful Basis for Processing

We process personal data only when we have a valid legal basis. The bases we rely upon include:

  • Contractual necessity: Processing required to fulfil our agreement with you when you book courses
  • Legitimate interests: Processing necessary for our legitimate business purposes, balanced against your interests and fundamental rights
  • Consent: Where you have freely given clear consent for specific processing activities
  • Legal obligation: Processing required to comply with applicable laws and regulations

Data Protection Measures

We implement robust technical and organisational measures to protect personal data:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Staff training on data protection principles
  • Access controls limiting data access to authorised personnel
  • Incident response procedures for data breaches
  • Regular review of data processing activities

Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours where feasible. If the breach is likely to result in a high risk to you, we will also notify you directly without undue delay.

International Data Transfers

When we transfer personal data outside the United Kingdom, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the relevant authorities or transfers to countries with adequate data protection standards.

Data Protection Impact Assessments

For processing activities likely to result in high risk to individuals, we conduct Data Protection Impact Assessments to identify and minimise data protection risks.

Complaints

If you are dissatisfied with how we handle your personal data or respond to your requests, you have the right to lodge a complaint with the supervisory authority:

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Website: ico.org.uk

We would appreciate the opportunity to address your concerns before you approach the ICO, so please contact us first at [email protected].

Updates to This Information

We periodically review and update our GDPR compliance practices and documentation. Check this page for the latest information on how we protect your data rights.

We Value Your Privacy

We use cookies to enhance your browsing experience and analyse site traffic. You can manage your preferences at any time.

Cookie Preferences

Necessary Cookies

Required for the website to function properly. These cannot be disabled.

Analytics Cookies

Help us understand how visitors interact with our website to improve the experience.

Marketing Cookies

Used to deliver relevant advertisements and track campaign performance.

Preference Cookies

Remember your settings and preferences for a better experience on return visits.