Your rights under the General Data Protection Regulation
Pioneer Shift is committed to protecting the privacy and security of your personal data in compliance with the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018. This page explains your rights and how we handle your data.
Pioneer Shift is the data controller responsible for your personal data. Our contact details are:
Pioneer Shift
47 Charlotte Street
London W1T 1RS
United Kingdom
Email: [email protected]
The GDPR provides you with specific rights regarding your personal data:
You have the right to be informed about how we collect and use your personal data. This information is provided in our Privacy Policy and this GDPR page.
You have the right to request a copy of the personal data we hold about you. This is commonly known as a "subject access request". We will respond to your request within one month.
You have the right to request that we correct any inaccurate or incomplete personal data we hold about you. We will respond within one month.
You have the right to request the deletion of your personal data in certain circumstances, including when the data is no longer necessary for the purposes for which it was collected, or when you withdraw consent.
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.
You have the right to object to the processing of your personal data for direct marketing purposes or when processing is based on legitimate interests.
You have the right not to be subject to a decision based solely on automated processing that produces legal effects or significantly affects you. We do not currently use automated decision-making processes.
We process your personal data on the following legal bases:
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Our retention periods are:
We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
Where we transfer personal data outside the UK or EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or adequacy decisions.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours. If the breach is likely to result in a high risk to you, we will also notify you directly.
To exercise any of your rights, please contact us at [email protected]. We will respond to your request within one month. If your request is complex or you have made multiple requests, we may extend this period by up to two months, in which case we will inform you.
There is no fee for exercising your rights in most cases. However, we may charge a reasonable fee if your request is clearly unfounded or excessive, or we may refuse to comply with your request in these circumstances.
If you are not satisfied with how we handle your personal data or your request, you have the right to lodge a complaint with the Information Commissioner's Office:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Website: ico.org.uk
We may update this GDPR information from time to time. Any changes will be posted on this page with an updated revision date.
Last updated: January 2024