GDPR Compliance

Our Commitment to GDPR

fresco-wall is committed to full compliance with the General Data Protection Regulation (GDPR). We recognize the importance of protecting personal data and respecting the privacy rights of individuals within the European Union and the United Kingdom.

Legal Basis for Processing

We process personal data only when we have a lawful basis to do so:

• Consent: When you voluntarily provide information through forms or direct communication
• Contractual Necessity: To fulfill service agreements and deliver contracted solutions
• Legitimate Interests: To improve our services and communicate relevant business information
• Legal Obligation: To comply with applicable laws and regulations

Data Protection Principles

We adhere to the following GDPR principles in all data processing activities:

• Lawfulness, Fairness, and Transparency: We process data legally and transparently
• Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes
• Data Minimization: We collect only what is necessary for our stated purposes
• Accuracy: We maintain accurate and up-to-date records
• Storage Limitation: Data is retained only as long as necessary
• Integrity and Confidentiality: We implement appropriate security measures
• Accountability: We demonstrate compliance with these principles

Your GDPR Rights

As a data subject, you have the following rights under GDPR:

Right to Access

You can request confirmation of whether we process your personal data and obtain a copy of that data.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data under certain circumstances, including when the data is no longer necessary for its original purpose.

Right to Restrict Processing

You can request limitation of processing in specific situations, such as when contesting data accuracy.

Right to Data Portability

You can receive your personal data in a structured, commonly used format and transmit it to another controller.

Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision-Making

We do not engage in automated decision-making or profiling that produces legal effects concerning you.

Exercising Your Rights

To exercise any of your GDPR rights, please contact our Data Protection Officer:

Email: [email protected]
Address: 42 Kingsway, London WC2B 6EX, United Kingdom

We will respond to your request within one month of receipt. In complex cases, we may extend this period by two additional months, and we will inform you of such extension.

Data Security Measures

We implement technical and organizational measures to ensure appropriate security of personal data:

• Encryption of data in transit and at rest
• Regular security assessments and audits
• Access controls and authentication protocols
• Employee training on data protection practices
• Incident response and breach notification procedures

Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach poses a high risk, we will also notify affected individuals without undue delay.

International Data Transfers

We primarily store and process data within the United Kingdom and the European Economic Area. Any transfers outside these regions will be protected by appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission.

Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected such data, we will delete it promptly.

Third-Party Processors

We engage third-party service providers only when they demonstrate adequate GDPR compliance. All processors are bound by data processing agreements that ensure appropriate data protection standards.

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates GDPR. In the UK, the relevant authority is:

Information Commissioner's Office (ICO)
Website: fresco-wall.com

Updates to This Statement

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. Significant changes will be communicated through our website and, where appropriate, via email.

Contact Information

For questions or concerns regarding GDPR compliance or our data protection practices:

Data Protection Officer
Email: [email protected]
Address: 42 Kingsway, London WC2B 6EX, United Kingdom