Our commitment to data protection and your rights under UK GDPR and the Data Protection Act 2018.
Elitedge is committed to full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Data protection is not a checkbox for us β it is a core part of how we operate.
As a Birmingham-based business handling data for clients across the UK and internationally, Elitedge takes data protection seriously. We have embedded GDPR principles into our internal processes, service delivery, and supplier relationships.
Our six core GDPR principles guide every decision we make about personal data:
Depending on the nature of our engagement, Elitedge may act as:
We maintain a Data Processing Agreement (DPA) with all clients where we act as a data processor. Contact us to request a copy.
Under UK GDPR, individuals have the following rights regarding their personal data:
Request a copy of the personal data we hold about you (Subject Access Request).
Ask us to correct inaccurate or complete incomplete personal data.
Request deletion of your personal data in certain circumstances ("right to be forgotten").
Ask us to pause processing of your data in certain circumstances.
Receive your data in a structured, machine-readable format to transfer to another provider.
Object to processing based on legitimate interests or for direct marketing purposes.
Not be subject to solely automated decisions that significantly affect you.
Withdraw consent at any time where processing is based on your consent.
To exercise any of these rights, submit a request to hello@elitedge.pro with "Data Subject Request" in the subject line. We will respond within 30 days (extendable to 90 days for complex requests, with notice).
We may need to verify your identity before fulfilling a request.
We rely on the following lawful bases under UK GDPR Article 6:
Some of our third-party service providers operate outside the UK or EEA. Where personal data is transferred internationally, we ensure appropriate safeguards are in place, such as:
We implement the following technical and organisational measures to protect personal data:
We use carefully selected third-party tools and processors, including:
All processors are assessed for GDPR compliance and bound by appropriate data processing agreements.
We use Google Analytics with anonymised IP addresses to analyse website traffic. Analytics cookies are only set with your consent. You can manage your preferences via your browser or our cookie banner.
We do not use cookies for targeted advertising without your explicit consent.
In the event of a personal data breach:
If you believe we have not handled your personal data correctly, you have the right to complain to the UK's data protection regulator:
We encourage you to contact us first β most concerns can be resolved quickly and informally.
For all data protection enquiries:
If you are engaging Elitedge as a data processor, we provide a comprehensive DPA. Request yours today.
Request DPA