GDPR Compliance

Last updated: May 6, 2026

Our Commitment to GDPR

Transit Flash is committed to complying with the General Data Protection Regulation (GDPR) and protecting the privacy rights of individuals in the United Kingdom and European Economic Area.

Legal Basis for Processing

We process personal data under the following legal bases:

  • Consent: When you provide explicit consent for specific processing activities
  • Contract: When processing is necessary to fulfill our service agreement with you
  • Legitimate Interests: When processing is necessary for our legitimate business interests, provided your rights are not overridden
  • Legal Obligation: When we must process data to comply with legal requirements

Your GDPR Rights

Right to Access

You have the right to request a copy of the personal data we hold about you.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You may request deletion of your personal data under certain circumstances, including when:

  • The data is no longer necessary for the purpose it was collected
  • You withdraw consent
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed

Right to Restriction of Processing

You can request that we limit how we use your data in certain situations.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used format and transmit it to another controller.

Right to Object

You can object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision-Making

We do not use automated decision-making or profiling in our services.

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us:

Email: [email protected]
Subject line: GDPR Rights Request

We will respond to your request within one month. In complex cases, we may extend this by two additional months and will inform you of the extension.

Data Protection Officer

For questions about data protection or to exercise your rights, contact our Data Protection Officer at [email protected]

Data Security Measures

We implement appropriate technical and organizational measures to ensure data security, including:

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls and authentication
  • Staff training on data protection
  • Secure data storage and backup procedures

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.

International Data Transfers

We do not routinely transfer personal data outside the UK. If such transfer becomes necessary, we will ensure appropriate safeguards are in place.

Third-Party Processors

We work only with third-party processors who provide sufficient guarantees of GDPR compliance. All processors are bound by data processing agreements.

Data Retention

We retain personal data only as long as necessary for the purposes outlined in our Privacy Policy or as required by law. Specific retention periods include:

  • Client records: 7 years after last service (for legal and tax purposes)
  • Marketing consents: Until consent is withdrawn
  • Website analytics: 26 months

Children's Data

When providing services to children, we obtain parental consent and ensure appropriate protections are in place. Parents have the right to access, correct, or delete their child's data.

Supervisory Authority

You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not complied with GDPR requirements.

Information Commissioner's Office
Website: ico.org.uk
Helpline: 0303 123 1113

Changes to This Statement

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. We will notify you of significant changes.

Contact Information

Transit Flash
42 Osborne Road
Jesmond
Newcastle upon Tyne
NE2 2AL
United Kingdom
Email: [email protected]