Last Updated: 28th December 2024

Our Commitment

Words and Seeds Limited is committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR). This statement explains how we meet GDPR requirements.

Legal Basis for Processing

We process personal data under the following legal bases:

  • Consent

  • Contract fulfillment

  • Legal obligations

  • Legitimate interests

Your Rights Under GDPR

You have the right to:

  1. Access your personal data

  2. Rectify inaccurate data

  3. Erase your data ("right to be forgotten")

  4. Restrict processing

  5. Data portability

  6. Object to processing

  7. Withdraw consent

  8. Lodge complaints with supervisory authorities

Data Protection Measures

We implement appropriate technical and organizational measures:

  • Data encryption

  • Access controls

  • Regular security assessments

  • Staff training

  • Data minimisation practices

Data Protection Officer

Our Data Protection Officer can be contacted at: mike@storiesthatmatter.co

International Transfers

When we transfer data outside the EEA, we ensure:

  • Adequate safeguards are in place

  • Standard contractual clauses are used

  • Privacy Shield certification (where applicable)

Data Breach Procedures

We maintain procedures to:

  • Detect data breaches

  • Notify authorities within 72 hours

  • Inform affected individuals when required

  • Document all breaches

Record Keeping

We maintain records of:

  • Processing activities

  • Data protection impact assessments

  • Consent management

  • Data breach incidents

Regular Reviews

We regularly review and update our:

  • Privacy policies

  • Security measures

  • Processing activities

  • Staff training

Contact Information

For GDPR-related inquiries: mike@storiesthatmatter.co

Supervisory Authority

You can contact the ICO at: Information Commissioner's Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF