Log in

Cart

Your cart is currently empty.

Continue shopping
Total
£0.00

UK GDPR

I. Scope of Application

This framework applies to the processing of personal data of users located in the United Kingdom.

It applies when goods or services are offered to users in the UK, or when their behavior is monitored, even if the processing occurs outside the UK.

This includes processing conducted on electronic media or structured paper records.

Processing for personal or domestic purposes is excluded from this scope.

II. Fundamental Principles

All data processing activities must adhere to the following principles:

  • Lawfulness, fairness, and transparency;

  • Specific and limited purposes;

  • Data minimization and accuracy;

  • Retention for an appropriate period;

  • Integrity and confidentiality to prevent unauthorized access or disclosure.

III. Users' Rights

Users are entitled to:

  • Be informed, access their data, and rectify it;

  • Request the erasure of data (right to be forgotten);

  • Limit processing or object to it;

  • Receive their data in a portable format;

  • Withdraw their consent at any time.

Users under 18 years old must have consent from a parent or guardian.

IV. Obligations of Processors

Partners involved in logistics, support, or hosting must:

  • Act in accordance with written instructions;

  • Implement appropriate security measures;

  • Assist with processing user requests;

  • Report any data breach incidents;

  • Keep a record of processing activities;

  • Appoint a Data Protection Officer (DPO) if required and notify the relevant authorities.

V. Data Transfers

When data is transferred outside the UK, sufficient protection must be ensured, such as:

  • An adequacy decision by the UK government;

  • Standard Contractual Clauses (SCC);

  • Additional measures such as encryption or access control.

VI. Monitoring and Penalties

The Information Commissioner’s Office (ICO) has powers to:

  • Conduct audits;

  • Suspend or prohibit non-compliant processing;

  • Imposing administrative fines, which can reach up to £17 million or 4% of global annual turnover, whichever is higher

Additionally, there are provisions for data processing rights after an individual's death, and where no provisions exist, these rights may be exercised by the appropriate parties under applicable law.

VII. Compliance Commitment

The measures in place aim to:

  • Ensure users' control over their data;

  • Maintain transparent and responsible data processing practices;

  • Mitigate privacy risks with appropriate safeguards.

VIII. Contact Information

  • Address: 1840 W THOMAS RD APT 17, PHOENIX, AZ 85015-6163, US

  • Phone: +1 (315) 956-8236

  • Email: support@roomvibenow.com

  • Hours: Monday to Friday, 9:00 AM to 12:30 PM and 2:00 PM to 6:00 PM (CET)

IX. Representative Under Article 27 of UK GDPR

A representative within the United Kingdom has been designated to handle requests related to access, rectification, or deletion of data.