GDPR Compliance

Last updated: May 21, 2026

Our Commitment to Data Protection

lively-sweep is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR). This page explains how we comply with GDPR requirements and safeguard your rights as a data subject.

Data Controller

For the purposes of GDPR, lively-sweep is the data controller responsible for your personal data. Our contact details are:

lively-sweep
47 Greenfield Avenue
Bristol BS1 4QE
United Kingdom
Email: [email protected]

Legal Basis for Processing

We process your personal data under the following legal bases:

• Consent: You have given explicit consent for us to process your personal data for specific purposes (e.g., marketing communications).
• Contract: Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
• Legal Obligation: Processing is necessary for compliance with legal obligations to which we are subject.
• Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, except where such interests are overridden by your fundamental rights and freedoms.

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

1. Right to Access

You have the right to request access to your personal data and receive a copy of the information we hold about you.

2. Right to Rectification

You have the right to request correction of any inaccurate or incomplete personal data we hold about you.

3. Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your personal data in certain circumstances, such as when:

• The data is no longer necessary for the purposes for which it was collected
• You withdraw your consent and there is no other legal ground for processing
• You object to the processing and there are no overriding legitimate grounds
• The data has been unlawfully processed

4. Right to Restriction of Processing

You have the right to request restriction of processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to processing.

5. Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and have the right to transmit that data to another controller.

6. Right to Object

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

7. Rights Related to Automated Decision Making

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.

8. Right to Withdraw Consent

Where we process your personal data based on your consent, you have the right to withdraw that consent at any time.

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at [email protected]. We will respond to your request within one month, although this period may be extended by two additional months where necessary, taking into account the complexity and number of requests.

Data Protection Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• Encryption of personal data in transit and at rest
• Regular security assessments and vulnerability testing
• Access controls and authentication procedures
• Regular staff training on data protection
• Incident response procedures

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or reporting requirements. When determining retention periods, we consider:

• The amount, nature, and sensitivity of the data
• The potential risk of harm from unauthorized use or disclosure
• The purposes for which we process the data
• Whether we can achieve those purposes through other means
• Applicable legal requirements

International Data Transfers

We primarily process personal data within the United Kingdom and European Economic Area (EEA). If we transfer personal data outside the UK/EEA, we ensure appropriate safeguards are in place, such as:

• Standard contractual clauses approved by the European Commission
• Adequacy decisions
• Binding corporate rules

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you without undue delay, and where feasible, within 72 hours of becoming aware of the breach.

Third-Party Processors

We work with carefully selected third-party service providers who process personal data on our behalf. We ensure that all processors:

• Provide sufficient guarantees of GDPR compliance
• Enter into written contracts specifying their data protection obligations
• Process personal data only on our documented instructions
• Implement appropriate technical and organizational measures

Children's Privacy

Our services are not directed at children under 16 years of age. We do not knowingly collect or process personal data from children. If we become aware that we have collected personal data from a child under 16, we will delete it promptly.

Complaints

If you believe that our processing of your personal data violates GDPR, you have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Tel: 0303 123 1113
Website: www.ico.org.uk

Updates to This Page

We may update this GDPR compliance page from time to time to reflect changes in our practices or legal requirements. We encourage you to review this page periodically.

Contact Us

If you have any questions about our GDPR compliance or wish to exercise your data protection rights, please contact us at:

Email: [email protected]
Address: 47 Greenfield Avenue, Bristol BS1 4QE, United Kingdom