Our commitment to protecting your personal data
Last updated: June 2026
ironcrest-maintain is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page outlines how we meet our obligations and protect your rights as a data subject.
ironcrest-maintain acts as the data controller for personal data collected through this website and in connection with our consulting services. This means we are responsible for deciding how your personal data is processed and for what purposes.
We only process personal data where we have a lawful basis to do so. The legal grounds we rely upon include:
Under the UK GDPR, you have the following rights regarding your personal data:
Right of Access
You have the right to request a copy of the personal data we hold about you. We will provide this information within one month of your request.
Right to Rectification
If personal data we hold about you is inaccurate or incomplete, you have the right to have it corrected.
Right to Erasure
In certain circumstances, you have the right to request that we delete your personal data. This applies where the data is no longer necessary for the purpose it was collected, where you withdraw consent, or where processing is unlawful.
Right to Restrict Processing
You have the right to request that we limit how we use your personal data in certain circumstances, such as when you contest the accuracy of the data or object to processing.
Right to Data Portability
Where processing is based on consent or contract and carried out by automated means, you have the right to receive your personal data in a structured, commonly used, machine-readable format.
Right to Object
You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we can demonstrate compelling legitimate grounds.
Rights Related to Automated Decision-Making
You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects on you.
To exercise any of your rights under GDPR, please contact us using the details below. We may need to verify your identity before processing your request. We aim to respond to all legitimate requests within one month.
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours of becoming aware of the breach. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.
We primarily store and process data within the United Kingdom. Where we transfer personal data outside the UK, we ensure appropriate safeguards are in place in accordance with data protection law.
For any questions regarding our data protection practices or to exercise your rights, please contact:
ironcrest-maintain
47 Greenway Business Park
Bristol, BS8 4QN
United Kingdom
Email: [email protected]
If you are not satisfied with how we handle your personal data or your request, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Website: ico.org.uk