Our commitment to protecting your personal data under the UK General Data Protection Regulation.
Last updated: January 2024
Lunar-Burst takes data protection seriously. As a financial consultancy, we handle sensitive personal and financial information, and we recognise the trust you place in us when sharing this data. This page outlines how we comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Lunar-Burst acts as the data controller for personal information collected through our services and website. This means we determine how and why your personal data is processed.
Data Controller: Lunar-Burst
Address: 47 Castle Boulevard, Nottingham, NG7 1FE
Data Protection Contact: [email protected]
The UK GDPR provides you with specific rights regarding your personal data. We are committed to facilitating the exercise of these rights:
You have the right to know how we collect and use your personal data. We provide this information through our Privacy Policy and at the point of data collection.
You can request a copy of the personal data we hold about you. This is commonly known as a Subject Access Request. We will respond within one month of receiving your request.
If you believe any personal data we hold about you is inaccurate or incomplete, you have the right to request correction. We will address your request promptly.
Also known as the "right to be forgotten", you may request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for its original purpose.
You can ask us to limit how we use your data while you contest its accuracy or object to our processing. During restriction, we may store your data but not actively use it.
Where processing is based on consent or contract and carried out by automated means, you can request your data in a structured, commonly used, machine-readable format.
You can object to processing based on legitimate interests or for direct marketing purposes. For marketing, we will stop processing immediately upon your objection.
You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not use automated decision-making in our services.
To exercise any of your data protection rights, please contact us at [email protected]. When making a request, please provide:
We may need to verify your identity before processing your request. We will respond to valid requests within one month, though this may be extended by up to two months for complex requests, in which case we will inform you.
We process personal data only when we have a valid legal basis. The bases we rely upon include:
When you engage our financial management services, we process your data as necessary to fulfil our contractual obligations. This includes analysing your financial information to provide advice and creating reports and recommendations.
Where we rely on consent, you have given clear, informed agreement to the processing of your data for specific purposes. You may withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.
We may process data based on our legitimate business interests, provided these do not override your fundamental rights. Examples include improving our services, ensuring network security, and preventing fraud. We conduct balancing tests to ensure our interests do not unduly impact you.
Certain processing is required to comply with UK law, including financial regulations, tax requirements, and anti-money laundering obligations.
Financial consultancy occasionally involves special category data, such as health information relevant to insurance or retirement planning. We only process such data with your explicit consent or where necessary for reasons of substantial public interest, and we apply additional safeguards to protect this information.
We adhere to the data protection principles set out in UK GDPR:
In the unlikely event of a personal data breach, we have procedures in place to:
We primarily store and process your data within the United Kingdom. Where international transfers are necessary, we ensure compliance with UK GDPR requirements by implementing appropriate safeguards such as standard contractual clauses or relying on adequacy decisions.
If you are dissatisfied with how we handle your personal data, please contact us first so we can address your concerns. You also have the right to lodge a complaint with the supervisory authority:
Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Website: ico.org.uk
For any questions about our GDPR compliance or to exercise your rights:
Email: [email protected]
Post: Data Protection, Lunar-Burst, 47 Castle Boulevard, Nottingham, NG7 1FE