GDPR Compliance

Your data protection rights under UK GDPR

Our Commitment to Data Protection

brave-networth is committed to protecting your personal data and respecting your privacy rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page explains your rights and how we fulfil our obligations as a data controller.

Data Controller Details

brave-networth is the data controller responsible for personal data collected through this website and our email communications.

Contact details:
brave-networth
42 Wellington Street
Leeds, LS1 4HZ
United Kingdom
Email: [email protected]

Your Data Protection Rights

Under UK GDPR, you have the following rights regarding your personal data:

1. Right to Be Informed

You have the right to clear, transparent information about how we collect and use your personal data. This information is provided through our Privacy Policy and this GDPR page. We explain what data we collect, why we collect it, how we use it, and who we share it with.

2. Right of Access

You can request a copy of the personal data we hold about you. This is known as a Subject Access Request (SAR). When you make such a request, we will provide:

  • Confirmation that we are processing your personal data
  • A copy of the data we hold
  • Information about how and why we process this data
  • Details of who has received your data
  • How long we intend to store the data
  • Information about your other rights

We will respond to your request within one month. The first copy of your data is provided free of charge. For additional copies or manifestly unfounded or excessive requests, we may charge a reasonable fee.

3. Right to Rectification

If you believe the personal data we hold about you is inaccurate or incomplete, you can request that we correct or complete it. We will respond to your request within one month and will notify any third parties with whom we have shared your data about the correction.

4. Right to Erasure

Also known as the "right to be forgotten," this allows you to request deletion of your personal data in certain circumstances:

  • The data is no longer necessary for the purpose it was collected
  • You withdraw consent on which processing is based
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed
  • The data must be erased to comply with a legal obligation

This right is not absolute. We may be required to retain certain information to comply with legal obligations or for the establishment, exercise, or defence of legal claims.

5. Right to Restrict Processing

You can request that we limit how we use your personal data in the following situations:

  • You contest the accuracy of the data (restriction applies while we verify accuracy)
  • Processing is unlawful but you prefer restriction over erasure
  • We no longer need the data but you require it for legal claims
  • You have objected to processing (restriction applies while we verify our legitimate grounds)

When processing is restricted, we can store the data but not use it further without your consent, except for legal claims or to protect others' rights.

6. Right to Data Portability

You can request that we provide your personal data in a structured, commonly used, and machine-readable format. This right applies when:

  • Processing is based on consent or contract
  • Processing is carried out by automated means

Where technically feasible, you can request that we transmit your data directly to another organisation.

7. Right to Object

You have the right to object to processing of your personal data in certain circumstances:

  • Processing based on legitimate interests: You can object unless we can demonstrate compelling legitimate grounds that override your interests
  • Processing for direct marketing: You can object at any time, and we must stop such processing
  • Processing for research purposes: You can object unless the processing is necessary for a public interest task

8. Rights Related to Automated Decision-Making and Profiling

You have the right not to be subject to decisions based solely on automated processing that produces legal effects or similarly significant effects. We do not engage in automated decision-making or profiling.

How to Exercise Your Rights

To exercise any of your data protection rights, please contact us:

Email: [email protected]
Subject line: Data Protection Rights Request

In your request, please:

  • Clearly state which right you wish to exercise
  • Provide sufficient information to identify you (we may request additional verification to protect your data)
  • Specify the data or processing activities your request relates to

We will respond within one month of receiving your request. In complex cases, we may extend this by two months and will explain the reason for the delay.

Data Processing Activities

Categories of Personal Data

We process the following categories of personal data:

  • Identity data: Name, email address
  • Technical data: IP address, browser type, device information
  • Usage data: Pages visited, time spent on site, navigation patterns
  • Communication data: Content of email messages you send to us

Purposes of Processing

We process personal data for the following purposes:

  • Responding to enquiries and correspondence
  • Understanding website usage and improving user experience
  • Conducting research on household services markets
  • Maintaining records for administrative and legal purposes
  • Detecting and preventing fraud or abuse

Legal Bases for Processing

We process personal data under the following legal bases:

  • Consent: Email communications where you have voluntarily provided information
  • Legitimate interests: Website analytics, fraud prevention, and improving our services
  • Legal obligation: Compliance with legal and regulatory requirements

Data Recipients

Your personal data may be shared with:

  • Website hosting providers and email service providers (under strict contractual agreements)
  • Analytics service providers (data is anonymised where possible)
  • Legal and professional advisers (when necessary for legal compliance or advice)
  • Law enforcement or regulatory bodies (when required by law)

Data Retention

We retain personal data only for as long as necessary:

  • Email correspondence: Up to 3 years
  • Website analytics: Aggregated indefinitely, raw logs up to 12 months
  • Cookie data: As specified in our Cookies Policy

International Transfers

Our data processing activities primarily occur within the United Kingdom and European Economic Area. If we need to transfer data outside the UK or EEA, we ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by the UK authorities
  • Adequacy decisions recognising equivalent data protection standards
  • Binding corporate rules for intra-group transfers

Data Security

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of data in transit and at rest
  • Access controls limiting who can view personal data
  • Regular security assessments and updates
  • Staff training on data protection principles
  • Incident response procedures for data breaches

Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours of becoming aware of the breach. If the breach is likely to result in a high risk to your rights, we will also notify you directly without undue delay.

Children's Data

Our website is not intended for children under 16 years of age. We do not knowingly collect or process personal data from children. If we become aware that we have inadvertently collected data from a child, we will delete it promptly.

Cookies and Tracking

We use cookies and similar technologies to improve website functionality and analyse usage. For detailed information about our use of cookies, please see our Cookies Policy. You can manage your cookie preferences through your browser settings or our cookie consent tool.

Changes to Data Processing

If we plan to process your personal data for a purpose other than that for which it was collected, we will inform you before proceeding and, where required, seek your consent.

Complaints

If you believe we have not complied with data protection law, you have the right to lodge a complaint with the supervisory authority:

Information Commissioner's Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
United Kingdom

Telephone: 0303 123 1113
Website: brave-networth.com
Email: [email protected]

We would appreciate the opportunity to address your concerns before you contact the ICO, so please contact us first if possible.

Regular Reviews

We regularly review our data processing activities, privacy practices, and this GDPR information to ensure ongoing compliance with UK data protection law. This page was last updated on 15 April 2026.

Further Information

For more detailed information about our privacy practices, please see our Privacy Policy. If you have specific questions about GDPR compliance or your data protection rights, please contact us at [email protected].