GDPR Compliance

Your data rights under the General Data Protection Regulation

Our Commitment to GDPR

quiet-trek is committed to protecting your personal data and respecting your privacy rights in accordance with the General Data Protection Regulation (GDPR). This page outlines how we comply with GDPR requirements.

Legal Basis for Processing

We process your personal data under the following legal bases:

  • Consent: You have given clear consent for us to process your personal data for specific purposes (e.g., enrolling in programs, receiving communications)
  • Contract: Processing is necessary for a contract we have with you (e.g., delivering educational services)
  • Legal Obligation: Processing is necessary to comply with the law
  • Legitimate Interests: Processing is necessary for our legitimate interests (e.g., improving our services), provided it does not override your rights

Your GDPR Rights

Under the GDPR, you have the following rights regarding your personal data:

1. Right to Access

You have the right to request copies of your personal data. We may charge a small fee for this service.

2. Right to Rectification

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

3. Right to Erasure

You have the right to request that we erase your personal data, under certain conditions.

4. Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data, under certain conditions.

5. Right to Object to Processing

You have the right to object to our processing of your personal data, under certain conditions.

6. Right to Data Portability

You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.

7. Right to Withdraw Consent

Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: [email protected]
Address: 42 Wellington Street, Liverpool L1 8JA, United Kingdom

We will respond to your request within one month. If your request is complex or you have made multiple requests, we may extend this period by two further months and will inform you of any such extension.

Data Protection Officer

For questions specifically about data protection and GDPR compliance, you can contact our designated data protection contact at [email protected].

Data Security

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data in transit and at rest
  • Regular security assessments and audits
  • Access controls and authentication measures
  • Staff training on data protection
  • Regular backups and disaster recovery procedures

Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.

International Data Transfers

We primarily process data within the United Kingdom and European Economic Area. If we need to transfer data outside these regions, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

Children's Data

While our services are for children and teenagers, we collect personal data from parents or legal guardians. We require parental consent for processing any personal data of individuals under 16 years of age.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Enrollment and program delivery: Duration of program plus 2 years
  • Communications and inquiries: 3 years from last contact
  • Financial records: 7 years as required by law

Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

Right to Lodge a Complaint

If you believe we have not complied with GDPR, you have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner's Office (ICO):

Website: quiet-trek.com
Telephone: 0303 123 1113

Updates to This Policy

We may update this GDPR compliance statement from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes.