Privacy Policy

PHDrift ("we") are committed to protecting and respecting your privacy.

This policy (together with our terms of use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us (either directly or via a third party), will be processed by us.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

By visiting www.phdrift.co.uk on the web or through mobile, you are accepting and consenting to the practices described in this policy.

Any changes we may make to our privacy policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy.

Personal data we may collect from you

“Personal data”, or personal information, means any information that enables us to identify you, directly or indirectly when combined with other information we hold. It does not include data where the identity has been removed (anonymous data). We may collect and process the following kinds of personal data about you:

How do we use your personal data?

We will only use personal data held about you for purposes described in this privacy policy and when the law allows us to do so. We will generally use your personal data on the following legal grounds:

Do we disclose your personal data?

We may disclose your personal data to third parties:

How long do we store your personal data

We will only retain your personal data, in a form that permits us to identify you, for as long as necessary to fulfil the purposes we collected it for. We will retain and use your personal data as necessary to satisfy any legal, accounting or reporting requirements, to resolve disputes or to enforce our agreements and rights. In line with this privacy policy, we will either securely delete or anonymize your personal data so that it cannot be linked back to you. Generally, we store personal data in a form that can identify an individual for up to 10 years following collection unless it is required to fulfil any legal or contractual obligation, or is required for the establishment, exercise or defence of legal claims.

Your rights

In accordance with the General Data Protection Regulation (GDPR), in certain circumstances you have:

The right to access your personal data and supplementary information and to be aware of and verify the lawfulness of our processing of your personal data. We will not generally charge a fee for an access request, but a reasonable fee may be charged if a request is manifestly unfounded or excessive, particularly if it is repetitive. We may also charge a reasonable fee to comply with requests for further copies of the same information.

The right to rectification. Your personal data can be rectified if it is inaccurate or incomplete. We respond to requests for rectification within one month of receipt of the request. This can be extended by two months where the request for rectification is complex.

The right to erasure. This is also known as 'the right to be forgotten’. You have a right to have your personal data erased and to prevent processing in specific circumstances:

The right to restrict processing of your personal data. You have a right to ‘block’ or suppress the processing of your personal data. If you contest the accuracy of your personal data, we will restrict its processing until its accuracy has been verified.

The right to data portability.In certain circumstances, you have the right to request the transfer of your personal data directly to a third party where this is technically feasible.

The right to object. You have the right to object to us processing your personal data. In this case, you must have an objection on grounds relating to your particular situation.

To exercise any of these rights, in the first instance please contact [email protected]

If you have any questions in relation to this policy, please contact [email protected]