Our commitment to data protection and your rights under GDPR
Last updated: January 2026
aurora-puffin is committed to complying with the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018. We take data protection seriously and have implemented measures to ensure compliance with data protection legislation.
aurora-puffin acts as the data controller for personal data collected through this website and our services. We determine the purposes and means of processing personal data in accordance with applicable laws.
We process personal data only when we have a lawful basis to do so. Our lawful bases include:
Under GDPR, you have the following rights regarding your personal data:
You have the right to request a copy of the personal data we hold about you. We will respond to valid requests within one month.
You have the right to request correction of any inaccurate or incomplete personal data we hold about you.
You have the right to request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
You have the right to request that we restrict the processing of your personal data in certain circumstances.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
You have the right to object to processing of your personal data in certain circumstances, including processing for direct marketing purposes.
You have the right not to be subject to decisions based solely on automated processing that produce legal effects or similarly significantly affect you.
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of individuals, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. We will also notify affected individuals where required.
We do not routinely transfer personal data outside the United Kingdom or European Economic Area. If such transfers become necessary, we will ensure appropriate safeguards are in place in accordance with GDPR requirements.
For any questions regarding our data protection practices or to exercise your rights under GDPR, please contact us at:
Email: [email protected]
Address: 47 Merchant Lane, Manchester, M2 4WQ, United Kingdom
If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.
Information Commissioner's Office
Website: ico.org.uk