GDPR Compliance
Last Updated: October 11, 2025
We are committed to complying with the General Data Protection Regulation (GDPR) and protecting the rights of individuals in the European Union (EU) and European Economic Area (EEA).
Overview of GDPR
The GDPR is a comprehensive data protection law that came into effect on May 25, 2018. It provides individuals with enhanced rights over their personal data and places strict obligations on organizations that process such data.
Your Rights Under GDPR
As a data subject, you have the following rights:
1. Right to Access
You have the right to request access to your personal data and obtain information about how we process it. We will provide you with a copy of your personal data upon request.
2. Right to Rectification
You have the right to request correction of any inaccurate or incomplete personal data we hold about you.
3. Right to Erasure (Right to be Forgotten)
You have the right to request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
4. Right to Restriction of Processing
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
5. Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller.
6. Right to Object
You have the right to object to the processing of your personal data in certain circumstances, including for direct marketing purposes.
7. Right to Withdraw Consent
Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.
8. Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state where you reside, work, or where an alleged infringement occurred.
How We Comply with GDPR
Lawful Basis for Processing
We process personal data only when we have a lawful basis, including:
- Consent: You have given clear consent for us to process your personal data
- Contract: Processing is necessary for a contract we have with you
- Legal Obligation: Processing is necessary to comply with the law
- Legitimate Interests: Processing is necessary for our legitimate interests
Data Minimization
We collect only the personal data that is necessary for the specific purposes we have identified and limit our use of that data to those purposes.
Data Accuracy
We take reasonable steps to ensure that personal data is accurate, complete, and up to date. We encourage you to inform us of any changes to your personal information.
Storage Limitation
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law.
Security Measures
We implement appropriate technical and organizational measures to protect personal data, including:
- Encryption of data in transit and at rest
- Regular security assessments and audits
- Access controls and authentication mechanisms
- Employee training on data protection
- Incident response and breach notification procedures
Data Protection by Design and Default
We integrate data protection principles into our systems and processes from the outset and ensure that privacy-friendly default settings are in place.
International Data Transfers
When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as:
- Standard Contractual Clauses approved by the European Commission
- Transfers to countries deemed to provide adequate protection
- Binding Corporate Rules for intra-group transfers
- Certification mechanisms and codes of conduct
Data Breach Notification
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach is likely to result in a high risk to your rights, we will also notify you directly.
Data Protection Officer
We have appointed a Data Protection Officer (DPO) who is responsible for overseeing our data protection strategy and ensuring compliance with GDPR requirements. You can contact our DPO with any questions or concerns about how we handle your personal data.
How to Exercise Your Rights
To exercise any of your GDPR rights, please contact us through our website. We will respond to your request within one month, though this may be extended by two additional months in complex cases.
When making a request, please provide sufficient information to allow us to verify your identity and locate your data. We may request additional information if necessary.
We will not charge a fee for most requests, unless the request is manifestly unfounded, excessive, or repetitive.
Cookies and Tracking
We use cookies and similar tracking technologies in accordance with GDPR requirements. We will:
- Obtain your consent before placing non-essential cookies
- Provide clear information about the cookies we use
- Allow you to manage your cookie preferences
- Respect your choices regarding cookie usage
Updates to This Policy
We may update this GDPR Compliance page from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes and update the "Last Updated" date at the top of this page.
Contact Information
For questions about our GDPR compliance or to exercise your rights, please contact us through our website or reach out to our Data Protection Officer.