Last updated: June 2026
crater osprey is committed to full compliance with the General Data Protection Regulation (GDPR). We process personal data lawfully, fairly, and transparently, ensuring that your rights as a data subject are respected and protected.
We process your personal data under the following legal bases:
You have the right to request a copy of the personal data we hold about you. We will provide this information in a commonly used electronic format within one month of your request.
If you believe any personal information we hold about you is inaccurate or incomplete, you have the right to request correction. We will update your information promptly upon verification.
You may request deletion of your personal data under certain circumstances, including when the data is no longer necessary for the purposes it was collected, or if you withdraw consent. Please note that we may be required to retain certain information for legal or accounting purposes.
You have the right to request restriction of processing your personal data in specific situations, such as when you contest the accuracy of the data or object to processing.
You can request to receive your personal data in a structured, commonly used, and machine-readable format, or request that we transfer this data directly to another service provider where technically feasible.
You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes. We will cease such processing unless we demonstrate compelling legitimate grounds.
We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.
To exercise any of your GDPR rights, please submit a request to [email protected] with the subject line "GDPR Request". We will respond within one month and may request verification of your identity to protect your data security.
For questions specifically related to data protection and GDPR compliance, you may contact our data protection representative at [email protected].
We implement appropriate technical and organizational security measures to protect your personal data, including:
In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR.
Your personal data is processed and stored within the United Kingdom. If we need to transfer data outside the UK or European Economic Area, we ensure appropriate safeguards are in place as required by GDPR.
Our services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected such data, we will take steps to delete it promptly.
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Telephone: 0303 123 1113
Website: www.ico.org.uk
We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. Significant changes will be communicated to registered customers via email.