GDPR Compliance

Your data protection rights under GDPR

Last updated: 19 February 2026

What is GDPR?

The General Data Protection Regulation (GDPR) is a European Union regulation that governs data protection and privacy. It gives individuals greater control over their personal data and requires organizations to handle data responsibly.

Your Rights Under GDPR

As a data subject, you have the following rights:

  • Right of Access: You can request a copy of all personal data we hold about you
  • Right to Rectification: You can request correction of inaccurate or incomplete data
  • Right to Erasure: You can request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: You can request that we limit how we use your data
  • Right to Data Portability: You can request your data in a structured, machine-readable format
  • Right to Object: You can object to processing of your data for certain purposes
  • Rights Related to Automated Decision Making: You have rights regarding automated processing and profiling

How We Comply with GDPR

BoundaryIQ is committed to GDPR compliance:

  • We only collect data necessary for providing our services
  • We process data lawfully, fairly, and transparently
  • We implement appropriate technical and organizational security measures
  • We maintain records of processing activities
  • We have procedures for handling data subject requests
  • We conduct data protection impact assessments where required

Exercising Your Rights

To exercise any of your GDPR rights, please contact us at enquiries@boundaryiq.com. We will respond to your request within one month (this may be extended by two months for complex requests).

When making a request, please include:

  • Your full name and email address
  • Clear description of the right you wish to exercise
  • Any relevant account information to help us locate your data

Data Processing Legal Basis

We process your personal data based on the following legal bases:

  • Contract: To fulfill our contractual obligations to provide services
  • Legitimate Interest: To improve our services and communicate with you
  • Consent: Where you have given explicit consent for specific processing
  • Legal Obligation: To comply with legal requirements

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. When data is no longer needed, we securely delete or anonymize it.

Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, such as Standard Contractual Clauses, to protect your data in accordance with GDPR requirements.

Complaints

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local data protection authority. In the UK, this is the Information Commissioner’s Office (ICO).

Contact Us

For any questions about GDPR compliance or to exercise your rights, please contact us:

Email: enquiries@boundaryiq.com