GDPR Compliance Statement

Last updated: June 16, 2026

Our Commitment to Data Protection

wild-atoll is committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This statement outlines how we comply with these regulations and uphold your data protection rights.

Legal Basis for Processing

We process personal data under the following legal bases:

• Contract Performance: Processing is necessary to fulfill our service agreements with you, including scheduling inspections and delivering reports.
• Legitimate Interests: We process data to operate our business efficiently, respond to inquiries, and improve our services, provided this does not override your fundamental rights and freedoms.
• Legal Obligation: We retain certain records to comply with professional standards, tax requirements, and regulatory obligations.

Data Controller

wild-atoll acts as the data controller for personal information collected through our website and service delivery. We determine the purposes and means of processing your personal data.

Your Rights Under GDPR

You have the following rights regarding your personal data:

Right to Access

You can request confirmation of whether we process your personal data and obtain a copy of that data along with information about how we use it.

Right to Rectification

You can request correction of inaccurate or incomplete personal data we hold about you.

Right to Erasure

Under certain circumstances, you can request deletion of your personal data. This right is not absolute and may be limited by our legal obligations to retain certain records.

Right to Restrict Processing

You can request that we limit how we use your personal data in specific situations, such as when you contest the accuracy of the information or object to our processing.

Right to Data Portability

You can request that we provide your personal data in a structured, commonly used, and machine-readable format, or transmit it directly to another controller where technically feasible.

Right to Object

You can object to processing of your personal data when we rely on legitimate interests as our legal basis, unless we demonstrate compelling legitimate grounds that override your interests.

Rights Related to Automated Decision-Making

We do not engage in automated decision-making or profiling that produces legal effects or similarly significant impacts on individuals.

How to Exercise Your Rights

To exercise any of your data protection rights, please contact us at [email protected]. We will respond to your request within one month, though this period may be extended by two additional months for complex requests. We will inform you of any such extension within the initial one-month period.

Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with GDPR requirements, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection. You can contact the ICO through their website at ico.org.uk or by calling their helpline.

International Data Transfers

We do not routinely transfer personal data outside the United Kingdom. Should any such transfer become necessary, we will ensure appropriate safeguards are in place to protect your information in accordance with GDPR requirements.

Data Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

Updates to This Statement

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. Any updates will be posted on this page with a revised date.