We use cookies to enhance your browsing experience and analyze site traffic. By continuing to use this site, you consent to our use of cookies.

Vivid Brilliance
Home About Services Contact
Home About Services Contact

GDPR Compliance

Last updated: June 2026

Our Commitment to GDPR

Vivid Brilliance Ltd is committed to full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take our responsibilities as a data controller seriously and have implemented robust policies and procedures to protect your personal information.

Your Data Protection Rights

Under UK GDPR, you have comprehensive rights regarding your personal data:

Right to be Informed

You have the right to clear, transparent information about how we collect and use your personal data. Our Privacy Policy provides detailed information about our data practices.

Right of Access

You can request a copy of the personal data we hold about you. We will provide this information within one month of your request, free of charge. This is commonly known as a subject access request.

Right to Rectification

If the personal data we hold about you is inaccurate or incomplete, you have the right to have it corrected. We will make amendments within one month of your request.

Right to Erasure

Also known as the right to be forgotten, you can request deletion of your personal data in certain circumstances, including:

  • The data is no longer necessary for the purpose it was collected
  • You withdraw consent and there is no other legal basis for processing
  • You object to the processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed

Note that we may not be able to delete data if we have a legal obligation to retain it or if it is necessary for establishing, exercising, or defending legal claims.

Right to Restrict Processing

You can request that we limit how we use your personal data in specific situations, such as when you contest the accuracy of data or object to processing.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format. You can also request that we transfer this data to another organization.

Right to Object

You can object to processing of your personal data where we rely on legitimate interests as the legal basis. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests.

Rights Related to Automated Decision Making

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on individuals.

How to Exercise Your Rights

To exercise any of these rights, please contact us:

  • Email: [email protected]
  • Post: Vivid Brilliance Ltd, Hawthorn House, 17 Oakfield Road, Bristol BS8 2BG, United Kingdom

We will respond to requests within one month. In complex cases, this may be extended by two additional months, and we will inform you if this is necessary.

Data Processing Principles

We adhere to the following GDPR principles when processing personal data:

Lawfulness, Fairness, and Transparency

We process data lawfully, fairly, and transparently. We clearly communicate how we use personal information and provide easy access to our privacy notices.

Purpose Limitation

We collect personal data for specific, explicit, and legitimate purposes. We do not process data in ways that are incompatible with these purposes.

Data Minimization

We only collect personal data that is adequate, relevant, and limited to what is necessary for our stated purposes.

Accuracy

We take reasonable steps to ensure personal data is accurate and kept up to date. Inaccurate data is erased or corrected without delay.

Storage Limitation

We retain personal data only as long as necessary for the purposes for which it was collected or as required by law.

Integrity and Confidentiality

We implement appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage.

Accountability

We take responsibility for complying with GDPR principles and can demonstrate our compliance through documented policies, procedures, and records.

Legal Basis for Processing

We process personal data based on one or more of the following legal bases:

  • Consent: You have given clear consent for us to process your personal data for specific purposes
  • Contract: Processing is necessary for performing a contract with you or taking steps to enter into a contract
  • Legal Obligation: Processing is necessary to comply with legal obligations
  • Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests

Data Security Measures

We implement robust security measures to protect your personal data:

  • Encryption of sensitive data in transit and at rest
  • Regular security assessments and updates
  • Access controls limiting who can view or use personal data
  • Staff training on data protection and security
  • Secure backup and disaster recovery procedures
  • Contracts with third-party processors requiring equivalent security standards

Data Breach Procedures

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the Information Commissioner's Office within 72 hours
  • Inform affected individuals without undue delay if the breach poses a high risk
  • Document the breach, its effects, and remedial actions taken
  • Take immediate steps to contain and minimize the impact

International Data Transfers

We primarily process data within the United Kingdom. If we transfer personal data outside the UK, we ensure adequate safeguards are in place, such as standard contractual clauses approved by the ICO or transfers to countries with adequacy decisions.

Data Protection Officer

While we are not required by law to appoint a Data Protection Officer, we have designated a responsible person for data protection matters. For any GDPR-related questions or concerns, contact [email protected].

Children's Data

Our services are not intended for individuals under 16 years of age. We do not knowingly collect or process personal data from children without appropriate parental consent.

Complaints

If you believe we have not handled your personal data appropriately or wish to make a complaint, please contact us first so we can attempt to resolve the issue. If you remain dissatisfied, you have the right to lodge a complaint with the supervisory authority:

Information Commissioner's Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
United Kingdom
Website: ico.org.uk
Helpline: 0303 123 1113

Updates to This Page

We may update this GDPR compliance information periodically to reflect changes in our practices or legal requirements. Significant changes will be communicated through our website.

Vivid Brilliance

Ecological restoration and conservation services across the United Kingdom.

Services

  • Woodland Regeneration
  • Wetland Creation
  • Meadow Establishment
  • Soil Regeneration

Company

  • About Us
  • Contact
  • Privacy Policy
  • GDPR

Legal

  • Cookies Policy
  • Terms of Use

© 2026 Vivid Brilliance. All rights reserved.