GDPR Compliance Statement

Last Updated: May 25, 2026

Our Commitment to GDPR

Streamline Gear is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We respect your privacy rights and are dedicated to protecting your personal data.

Data Controller

Streamline Gear is the data controller responsible for your personal data. Our contact details are:

Company Name: Streamline Gear
Address: 42 Kingsway Street, London, WC2B 6EX, United Kingdom
Email: [email protected]

What Personal Data We Collect

We collect and process the following categories of personal data:

  • Identity Data: Name, title
  • Contact Data: Email address, postal address
  • Career Data: Professional background, career goals, employment history (as shared during coaching sessions)
  • Financial Data: Payment information (processed through secure third-party processors)
  • Technical Data: IP address, browser type, device information
  • Usage Data: How you use our website and services
  • Marketing Data: Your preferences for receiving marketing communications

Legal Basis for Processing

We only process your personal data when we have a legal basis to do so. Our legal bases include:

  • Consent: You have given explicit consent for us to process your data for specific purposes
  • Contract Performance: Processing is necessary to fulfill our contract with you or to take steps at your request before entering a contract
  • Legal Obligation: We need to process your data to comply with legal requirements
  • Legitimate Interests: Processing is necessary for our legitimate business interests, provided these do not override your rights and freedoms

Your Rights Under GDPR

You have the following rights regarding your personal data:

1. Right to Access (Article 15)

You have the right to obtain confirmation that we are processing your personal data and to access that data. You can request a copy of the personal data we hold about you.

2. Right to Rectification (Article 16)

You have the right to have inaccurate personal data corrected and to have incomplete personal data completed.

3. Right to Erasure / Right to be Forgotten (Article 17)

In certain circumstances, you have the right to request that we delete your personal data, including when:

  • The data is no longer necessary for the purposes for which it was collected
  • You withdraw your consent and there is no other legal basis for processing
  • You object to the processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed

4. Right to Restriction of Processing (Article 18)

You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to processing.

5. Right to Data Portability (Article 20)

Where processing is based on consent or contract and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.

6. Right to Object (Article 21)

You have the right to object to processing of your personal data where we are relying on legitimate interests, including processing for direct marketing purposes.

7. Rights Related to Automated Decision-Making (Article 22)

We do not use automated decision-making or profiling in our services. All decisions regarding our coaching services involve human review and assessment.

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us using the details below:

  • Email: [email protected] with the subject line "GDPR Request"
  • Post: Data Protection, Streamline Gear, 42 Kingsway Street, London, WC2B 6EX, United Kingdom

We will respond to your request within one month. If your request is particularly complex or you have made multiple requests, we may extend this period by up to two months, in which case we will notify you.

Data Security

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Staff training on data protection
  • Secure backup procedures

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Client data: Retained for the duration of our relationship plus 7 years for legal and accounting purposes
  • Marketing data: Retained until you withdraw consent or request deletion
  • Website analytics: Typically retained for 26 months

Data Sharing and Transfers

We do not sell your personal data. We only share your data with:

  • Service providers who process data on our behalf (data processors)
  • Professional advisors when necessary
  • Law enforcement or regulatory authorities when legally required

When we share data with third parties, we ensure they provide appropriate safeguards for your data through contractual obligations and technical measures.

We do not transfer personal data outside the United Kingdom without appropriate safeguards in place.

Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the Information Commissioner's Office (ICO) within 72 hours of becoming aware of the breach, as required by GDPR.

Children's Data

Our services are not directed at children under 18 years of age. We do not knowingly collect or process personal data from children. If we become aware that we have inadvertently collected data from a child, we will take steps to delete it promptly.

Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

ICO Website: https://ico.org.uk/
ICO Helpline: 0303 123 1113
Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Updates to This Statement

We may update this GDPR compliance statement from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated statement on our website and updating the "Last Updated" date.

Contact Us

If you have questions about our GDPR compliance or how we handle your personal data, please contact us:

Email: [email protected]
Address: 42 Kingsway Street, London, WC2B 6EX, United Kingdom