PRIVACY POLICY
privacy policy
PRIVACY NOTICE
Last updated: 31 May 2023
We are dedicated to safeguarding and preserving your privacy when visiting our Website or communicating with us through any means of communication.
This Privacy Notice (‘Notice’) provides an explanation about what happens to any Personal Data that you provide to us or that we collect from you.
This Privacy Notice sets out our use of any and all Personal Data collected by us in relation to your use of our website, https://www.aishasubhanidesign.com (‘Website’). The Website is operated by Aisha Subhani Design Ltd., a private company limited by shares, incorporated in England and Wales under number 11625394 and with its registered office address at PO Box 72874, London, England, N2 2ER (‘Aisha Subhani Design’, ‘we’, ‘us’, ‘our(s)’, ‘ourselves’).
By continuing to use our Website, inquiring about and using our interior design services, bespoke furniture sourcing, art curation, project management and related services (‘Services’), requesting fee quotes, interacting with us on any of our social media platforms, and/or by dealing with us in any manner, you agree to our Privacy Notice for the collection and processing of your Personal Data.
For the purposes of processing your Personal Data, we are the Data Controller (as defined under Article 4(7) of the Regulation (EU) 2016/679 (General Data Protection Regulation) (‘GDPR’) and Article 4(7) of the UK GDPR, whereby Data Controller means ‘the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of processing the Personal Data’. Personal Data shall have the meaning given to it under Article 4(1) of the GDPR and the UK GDPR, and which is more particularly defined in this Privacy Notice below.
This Privacy Notice should be read in conjunction with our disclaimers and Terms of Business. We may amend or update this Notice from time to time and will publish revised versions on this Website. We reserve the right to alter and make changes to this Notice at our sole discretion, and we therefore request all users to regularly refer to our Privacy Notice for updates and variations.
This notice covers the following:
• Who is the person responsible for the management of your Personal Data?
• What Personal Data do we need/receive?
• What are the sources of collection of Personal Data?
• How do we use your Personal Data?
• Children’s Privacy
• What are the Lawful Bases for processing your Personal Data?
• Who may use your Personal Data?
• Marketing Communications
• Social Media
• How do we store and transfer your Personal Data?
• For how long do we store your Personal Data?
• Use of Cookies
• Change in Terms of Privacy
• Third party Links
• Your rights
• Contact us
• Complaints
Who is the person responsible for the management of your Personal Data?
Aisha Subhani Design Ltd. is responsible for the collection and management of your Personal Data.
As a business operating in the United Kingdom, we are registered with the Information Commissioner’s Office (ICO) under registration number ZA717579.
The person responsible for data protection is Aisha Subhani. For any queries relating to the management of your Personal Data, please do not hesitate to send us an email at aisha@aishasubhanidesign.com or by calling us on +44 7803 250332.
What Personal Data do we need/receive?
‘Personal Data’ has been defined under the GDPR (EU and UK) as ‘any information relating to an identified or identifiable natural person (‘data subject’)’. An identifiable natural person is one who can be identified, directly or indirectly, in particular, by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
Any references to ‘Personal Data’ in this Notice therefore means information about living individuals, which, alone or in conjunction with other information held by us, is capable of identifying them. The GDPR 2016/679, the UK GDPR, The Data Protection Act 2018 and any other national implementing legislation relating to data protection in the UK, regulate our use of your Personal Data (collectively ‘Applicable Data Protection Law’).
In order to provide our Services or for the purposes of conducting our business, we may need the following Personal Data from the individuals we are dealing with (‘you’, ‘yours’, ‘yourself’/ ‘yourselves’).
We have tried to cover categories of Personal Data that we generally require, collect and/or process while providing Services to our clients or for the purposes of operating our business. However, this is not an exhaustive list.
• Identity Data, such as your full name, date of birth, and for employment purposes, your National Insurance Number and proof of identity
• Contact Data, such as your email address, physical address and/or contact telephone number
• Financial Data, such as your bank account and payment card details
• Transaction Data, such as details about payments between us and other details of purchases made by you
• Your website
• Details of your visits to our Website and the resources that you access, including but not limited to, traffic data, location data, usage data, technical data, time zone settings, hardware information, weblogs and other communication data
• Usage Data, such as information about how you use our Services
• Clickstream data, including where users navigate to our Website to and from, and any searches users make on or relating to our Website
• Marketing and Communications Data, including any other information that you provide to us by filling out forms on our Website, such as when you fill out the ‘Contact’ form, request a fee quote, send an enquiry via email, contact us via telephone or sign up for our newsletter
• Profile Data such as your request of our Services, your interests, preferences, feedback, review, and survey responses
• Any other information provided to us when you communicate with us for any reason
• Your social media account details if you follow us on or communicate with us via social media
• Transactional information such as the Services you are interested in or your purchasing requirements
What are the sources of collection of Personal Data?
We may obtain Personal Data from you when you contact us or get in touch with us via our Website or when you or your organisation correspond with us through any means of communication. This includes Personal Data you provide to us when you:
• contact us with a question or query via our Website, email us at aisha@aishasubhanidesign.com, or telephone us at +44 7803 250332.
• ask us to provide our Services to you
• ask us to collaborate with you on an assignment
• contact us or authorise anyone to contact us about employment or apprenticeships at Aisha Subhani Designs Ltd.
• contact us to provide us your services or goods
• correspond with us to submit any complaints that you may have
• correspond with us to address any complaints we may have raised
• register for a seminar, webinar, event or networking where information is shared between fellow members
• attend our events and provide our staff with your personal information, business cards or contact details
• deal with us when we are providing Services to our clients (which may be you, your family member, your dependent, your organisation or a third party)
• submit identity documents directly to us or to third party agencies commissioned by us to collect your data for the purposes of carrying out identity checks and due diligence. (Where we have commissioned a third party to collect your Personal Data on our behalf, we shall continue to remain the Data Controller)
• connect with us on social media platforms or join groups created and administered by us on social media
We may also collect and retain Personal Data that is:
• obtained from public sources about you or your organisation, which includes all information available on your website, the Companies House, or other online sources accessible through Search Engine Optimisation searches
• obtained from third parties that may include our clients, professional regulators, public bodies, and other entities, including providers of analysis, screening and database services who have a right to disclose this information to us, and
• relating to whether our contacts read electronic correspondence from us or click on links we send them.
• relating to your equipment, browsing actions and usage patterns and is automatically collected when you are using our Website by enabling the use of cookies, server logs and similar technologies. Please see our cookie policy for further details.
How do we use your Personal Data?
The information that we collect and store relating to you is primarily used to enable us to provide our Services to you. In addition, we may use the information for the following purposes:
a) To provide you with information requested from us relating to our Services
b) To provide information on other services, fee quotes, offers and updates which we feel may be of interest to you, where you have consented to receive such information
c) To meet our contractual commitments to you and enable your use of our Services to you
d) To act as your agent when you requested our furniture, fixtures and equipment sourcing services
e) If required, to carry out ‘Know Your Customer’ checks, credit-worthiness checks and/or any other background checks as part of our due diligence that we may be required to undertake by a regulatory body or for the purposes of our business
f) To notify you about any changes to our Website, such as improvements or changes to our Services
g) To notify you about any changes to our Terms of Business and/or Privacy Notice
h) To manage client relations, such as asking you to leave a review, take a survey or inviting you organised events, webinars, and seminars.
i) To carry out research, including market research, statistical research on site traffic, sales and other commercial information to assist us in improving the Services we provide to you and to improve our Website
j) To administer our Website and carry out system and security updates
k) To send invoices, statement, payment reminders in order to collect payments from you
l) To comply with our information storage obligations (For more information please refer to sections ‘How do we store and transfer your Personal Data?’ and ‘For how long do we store your Personal Data?’)
m) For internal use such as governance, quality control and improvement, monitoring and record-keeping
n) If you are an existing customer, we may contact you with information about services similar to those which were the subject of a previous sale to you
o) To send you newsletters and other promotional material if you have opted-in
p) To connect with you on social media, if you have requested to connect with us and, once connected, to provide you with information and updates about us and our Services on social media.
By using our Services and/or dealing with us in any way, you consent to us collecting, processing and using your Personal Data as detailed above.
Children’s privacy
We do not knowingly collect or process Personal Data from anyone under the age of 13 (thirteen) years old (‘Child’/ ‘Children’). Our Services and Website content are not directed at minors, i.e., persons below the age of 18 (eighteen) years, especially children below the age of 13 (thirteen) years.
If you are a parent or guardian and you are aware that your Child has provided us with Personal Data without your consent, please contact us. Unless contacted by a parent or legal guardian, we have no way of knowing that Personal Data was submitted by a Child without parental consent. As a parent/legal guardian you understand that that the onus of controlling your Child’s Personal Data lies on you. If we become aware, after notification by a parent/legal guardian or the Children themselves, that we have collected Personal Data from Children without parental consent, we take steps to remove that information from our servers.
What are the Lawful bases for processing your Personal Data?
Article 6.1 (a) of the GDPR 2016/679 and the UK GDPR- Consent
In order to avail of our Services, you consent to us obtaining and processing your Personal Data. While dealing with you we may issue Terms of Business or execute a contract outlining the terms and conditions of our engagement with you. The Terms of Business/contract along with this Notice set out the purposes for which your Personal Data may be obtained and processed by us. By accepting our Terms of Business or by using our Website or by executing a contract with us and by continuing to deal with us, you confirm that you have consented to us collecting and processing your Personal Data in accordance with our Terms of Business and this Privacy Notice.
By expressly opting in to receive our newsletters and promotional material, you consent to us using your email address for the said purposes, in which case the lawful basis for us using your Personal Data is your consent as outlined in Article 6.1 (a) of the GDPR 2016/679.
Article 6.1 (b) of the GDPR 2016/679 and the UK GDPR- Contractual necessity
One of the grounds for obtaining and processing your Personal Data is so that we can fulfil our contractual obligations towards you by performing our Services in line with the Terms of Business mutually agreed upon by us. For the purposes of fulfilling our contractual obligations towards you we may have to share your Personal Data with suppliers of Furniture, Fixtures and Equipment and delivery partners, so that you may receive the required items.
Article 6.1 (c) of the GDPR 2016/679 and the UK GDPR - Compliance with legal obligations
We may have to collect Personal Data in order to comply with certain legislative and regulatory requirements relating to client due diligence. Consequently, we may process your Personal Data to carry out identity checks and maintain records of customer due diligence.
We may employ third party service providers for the purposes of carrying out client identity checks or for processing your Personal Data for the purposes of due diligence. However, we remain the Data Controllers.
We may have to share your Personal Data with third parties if required by law or under a court decree or binding order passed by relevant authorities.
Article 6.1 (f) of the GDPR 2016/679 and the UK GDPR - Legitimate interests
In circumstances where you or your organisation are a client or an employee of Aisha Subhani Design, we may have to process your Personal Data to promote and pursue legitimate interests of the public and/or our organisation, and/or yours as our client or employee.
In terms of promotional material, if you unsubscribe from our mailing list or revoke your consent to receive our newsletters and promotional material, corresponding Personal Data will be removed from our mailing list and will no longer be processed for these purposes. Including your email address in our blocking list is effected in order to safeguard our legitimate interests under Article 6.1 (f) of the GDPR 2016/679. Our legitimate interests lie in not sending you any e-mails in the future.
* However, you can object to us processing your Personal Data on any of these bases at any time and if you do so, we will stop processing the Personal Data unless we can show compelling legitimate grounds which override your rights and interests such as, without limitation, the legitimate interest of our organisation and/or the public or that we need the Personal Data to establish, exercise or defend legal claims – see ‘Your rights’ below.
Who may use your Personal Data?
We are committed to keeping your e-mail address confidential. We do not sell, rent or lease the subscription lists to third parties.
We may, without any liability disclose your Personal Data:
• to enforce our policies, to comply with our legal obligations (such as if we are required to disclose your Personal Data under a court order, legal requirement and/or regulatory requirement) or in the interests of security, public interest, or law enforcement in any country where we have entities or affiliates. For example, we may respond to a request by a law enforcement agency or regulatory or government authority. We may also disclose Personal Data in connection with actual or proposed litigation, or to protect our property, security, people and other rights or interests
• to our employees, independent contractors/sub-contractors, suppliers, distributors, partners and/or third parties who need to receive your Personal Data in order to provide services to you or to carry out the administration of business. Examples include third parties hosting our web servers, analysing data, providing marketing and administration assistance, providing customer service, suppliers and delivery partners who have to deliver goods to you and contractors/sub-contractors employed to carry out our contractual obligations to you
• to our consultants such as legal consultants and accountants, for example, without limitation, when they are processing our invoices, financial statements, payrolls and filing our tax returns or providing us legal advice and service. These companies will have access to your personal information on a ‘need to know basis’, i.e., as necessary to perform their functions, but they may not use that Personal Data for any other purpose. Our contracts with all third parties processing our clients’ Personal Data shall outline their obligations relating to data protection.
• any third-party manufacturing business, distributor or service provider related to furniture, fixtures and/or equipment, which includes without limitation accessories, upholstery and artwork that you may instruct us to enter into a contract with on behalf of you and as part of our Services to you
• if required, any third-party agencies that specialise in undertaking client identity checks, money-laundering checks and credit checks
• sometimes we may carry out meetings via video conferencing services such as Zoom, Google Meets or Microsoft Teams. The purpose of using the afore-mentioned platforms is to carry out virtual meetings, share interior design/project management and related ideas via screen sharing and occasionally a meeting may be recorded subject to your consent. If a meeting is recorded, it will only be used as reference to help us deliver Services and perform our contractual obligations to you.
Details of how the afore-mentioned video communications services collect, and process Personal Data can be found in their respective privacy policies:
- Zoom Video Communications Inc.- Privacy Policy
- Google Meets- Privacy Policy
- Microsoft Teams- Privacy Policy
• we use Google Drive and Dropbox to review, edit, work on documents, plans and/or visuals and share them in real-time with our clients. Details of how the afore-mentioned platforms collect, and process Personal Data can be found in their respective privacy policies:
- Google Drive – Privacy Policy
- Dropbox – Privacy Policy
• we might share your contact details and delivery address with our delivery partners in accordance with the legal basis outlined in Article 6.1 (b) of the GDPR, i.e. contractual necessity, as our delivery partners will perform the shipment/delivery obligations under our contract with you.
• external agencies such as third-party technical service providers, mail carriers, hosting providers, IT companies, communication agencies, appointed, if necessary, as data processors by us. In this case we shall continue to remain the Data Controller. An updated list of these parties may be requested from us at any time.
• Any third party you may instruct us to share your Personal Data with
• We may share aggregated anonymised data with third parties in order to monitor our Services and to ensure consistent quality and safety relating to the Services provided to clients
• Any other organisation who may take over the business of Aisha Subhani Design either by purchasing it or by way of a merger or in the event of any catastrophic circumstances by reason of which new management has to continue Aisha Subhani Design’s business
Marketing communications
If you have given permission (i.e., if you have expressly opted in), we may contact you about newsletters.
In compliance with Applicable Data Protection Law, all emails sent by us will clearly state who the email is from and will provide clear information on how to contact the sender. In addition, all email marketing messages will also contain concise information on how to manage your Personal Data or remove yourself from our mailing list should you wish to, so that you receive no further email communication from us.
We are committed to keeping your information confidential. We will use your email address solely to provide timely information about us and our Services and we will maintain the information you send via email, via our Website and/or otherwise in accordance with Applicable Data Protection Law.
Social Media
Please remember that when you share information publicly on the Website or on social media platforms, for example, a comment on a blog post on or within social media groups, it may be indexable by search engines, including without limitation Google, Meta, Twitter and/or LinkedIn which may mean that the information is made public.
When you participate in conversations on social media your Personal Data is visible to members of the concerned social media group and to the public in general. Please note that you participate in social media related activities at your sole discretion, and we shall not be liable for the access and use of your Personal Data by third parties, via social media, including circumstances, where third parties contact you or initiate a conversation with you, on social media or otherwise, as a result of your information made available to them via our social media groups or any activity you participate in through our social media platforms or by connecting with us on social media.
Also please note you may be tracked by Instagram, Meta, LinkedIn, Google, Twitter or Pinterest cookies if you access our profile via these social media platforms. The links to their respective privacy policies have been provided below:
Instagram-Privacy Policy
Meta- Privacy Policy
LinkedIn- Privacy Policy
Google- Privacy Policy
Twitter- Privacy Policy
Pinterest – Privacy Policy
How do we store and transfer your Personal Data?
Hosting and back-end infrastructure- All Personal Data collected by Aisha Subhani Design is stored in a secure manner compliant with the Applicable Data Protection Law.
We use third-party hosting services for the purposes of hosting data and files that enable our Website to run and be distributed as well as to enable us to run specific features and functions within our Website. Some of these functions work through geographically distributed servers, thereby making it difficult to identify the exact location where the Personal Data is stored.
Our website is hosted by 123 Reg, and details of how your Personal Data may be processed and stored by 123 Reg can be found in their Privacy Policy.
Your Personal Data may also be stored on servers that may not be located in the United Kingdom and/or the European Economic Area (the EEA). For example, our servers may be located in the United States of America.
Consequently, when you use our Website to inquire about our Services, opt-in to receive promotional material or newsletters or use video-conferencing services to participate in meetings with us, Personal Data may be processed by servers located in the United States of America, with less strict privacy laws and the associated risk of your Personal Data being easily accessible in the United States of America.
Should you not wish your Personal Data to be processed in the United States of America you must not:
1. inquire about our Services via our Website
2. opt in to receive our promotional material and newsletters
3. participate in virtual meetings through video-conferencing service platforms
An inquiry of our Services via our Website or opting in to receive newsletters or your participation in virtual meetings with us through video-conferencing platforms shall constitute your consent to your Personal Data being processed in the United States of America.
We may also transfer Data that we collect from you to locations within and outside of the United Kingdom but within the European Economic Area for processing and storing. Also, it may be processed by staff or independent contractors operating within the European Economic Area who work for us.
By submitting your Personal Data, you agree to this transfer, storing or processing. We will take all reasonable steps to make sure that your Data is treated securely and in agreement with this Privacy Notice.
Emails- all our inbound and outbound email communications are TSL (Transport Security Layer) encrypted, which is an industry standard for all encryptions.
Delivery – we may transfer your Data to our delivery partners within the UK and/or within the EEA provided that our Services to you include the shipment/delivery of products.
Security of Personal Data- The transmission of information via the internet is not completely secure and therefore we cannot guarantee the security of Data sent to us electronically and transmission of such Data is therefore entirely at your own risk. Where we have given you (or where you have chosen) a password so that you can access certain parts of our Website or Services, you are responsible for keeping this password confidential.
For how long do we store your Personal Data?
Our policy is that we retain your Personal Data for as long as it is necessary for the purposes set out in this Notice or as is required by Applicable Data Protection Law. All of the Personal Data is disposed of securely to ensure compliance with Applicable Data Protection Law.
Use of Cookies
On occasion, we may gather information about your computer for our Services and to provide statistical information regarding the use of our Website.
Such information will not identify you personally as it is statistical data about our visitors and their use of our Website. This statistical data does not identify any personal details whatsoever.
Similarly, to the above, we may gather information about your general internet use by using a cookie file.
A cookie is a small text file. Where used, these cookies are downloaded to your computer automatically, typically somewhere within your browser settings files. They help us to improve our Website and your experience of it.
Examples of Cookies we use:
Session Cookies. We use Session Cookies to operate our Service. Session Cookies are temporary cookies, as they store information about your current session and then are erased when your browser is closed.
Preference Cookies. We may use Preference Cookies to remember your preferences and various settings.
Security Cookies. We use Security Cookies for security purposes.
Other tracking technologies are also used such as beacons, tags, and scripts to collect and track information and to improve and analyse our service.
All computers have the ability to decline cookies. Our Website will display a pop-up cookie banner to remind you that when you access our Website, we will place cookies on your device to improve your experience of our Website. We will also give you the option to consent or opt-out of cookies. You can opt-out of cookies by activating the setting on your browser which enables you to decline the cookies. Please note that should you choose to decline cookies you may be unable to access particular parts of our Website.
We have presence on social media, such as (without limitation) Facebook, Twitter, Instagram, Pinterest and Google. Your access of our profile via these social media platforms may result in you and your activities being tracked by the cookies placed by these social media platforms.
For more information on Cookie Consent you may also want to visit the UK Information Commissioner’s webpage on cookies: https://ico.org.uk/for-organisations/guide-to-pecr/guidance-on-the-use-of-cookies-and-similar-technologies/
Google Analytics:
In order to optimise our service, we may apply Google Analytics and our own statistical analyses.
Google Analytics is a web analysis service provided by Google, which is used for purposes of market research and ensuring that the service meets user requirements. Google Analytics uses ‘cookies’, which are placed on your computer to make it possible to analyse how you make use of our Service. The information generated by the cookies about your use of our Service (including your pseudonymised IP address) is as a rule transmitted to and stored by Google on servers in the United States. Google uses this information in order to evaluate your use of the service and to create reports on activities for the operator of the service. Google may also transmit this information to third parties if this is prescribed by law, or if third parties process the data on behalf of Google. On no account will Google connect your IP address with other Google data. At https://tools.google.com/dlpage/gaoptout?hl=en-GB you can, with effect for the future, opt out of the recording and saving of your Data at any time. The saving of cookies makes it possible to analyse user behaviour and activate interest-based advertising.
Change in Terms of Privacy
We reserve the right to alter our privacy policies. Any changes to this Privacy Notice will be posted on this page. This Website is controlled and operated by Aisha Subhani Design Ltd. from its offices within the United Kingdom. We make no representations that materials, information, or content available on or through this Website are appropriate or available for use in other locations, and access to them from territories where, accessing such materials, information, or content is illegal is prohibited. Those who choose to access this Website from other locations do so on their own volition and are responsible for compliance with applicable local laws.
Third Party Links
You might find links to third party websites on our Website. These websites should have their own privacy policies which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.
Your Rights
a) Right to transparent information to enable exercise of the rights of the Data Subject
We shall take appropriate measures to provide to you information that is to be provided where Personal Data is collected from the Data Subject, or otherwise under Articles 13 and 14 of the UK GDPR, as well as any communication under Articles 15 to 22 and 34 of the UK GDPR and relating to the processing of Personal Data in a concise, transparent, intelligible and easily accessible form, using clear and plain language. The information shall be provided in writing or by other means, including where appropriate, by electronic means.
b)Access to information
The GDPR and The Data Protection Act 1998 give you the right to access the information that we hold about you. We will provide the information that we hold on you within one month from the date of request and free of charge as long as this information hasn’t been provided to you already. If the information is a copy of information already provided or is excessive then an administration cost of £10 will be charged. Should you wish to receive details that we hold about you please contact us using the contact details below. You will need to provide suitable evidence that you are the person that the information pertains to before we will release it. Information will be provided to you within one month of receipt of request.
c)Erasure of your information
If you are no longer a client with us, then you have a right to erasure of your information. Once we have received your request for erasure, we will ensure all Personal Data we hold on you is erased within one month of the receipt of the request unless we are required to retain your information under a legal requirement.
d)Other rights
Under the Data Protection Act you have the following rights in relation to your own Personal Data:
• to prevent us using your Personal Data for direct marketing
• to have (in certain circumstances) inaccurate Personal Data corrected, blocked, or destroyed. Where possible we shall communicate the rectification or erasure of the Personal Data or restriction of processing carried out.
• to access a copy of your Personal Data that is undergoing processing (‘subject access rights’)
• to object to automated decisions. We do not, however, use automated decision making
• Data portability, which allows you to get and use your Personal Data for different purposes
• the right to withdraw consent and/or to object to us continuing to process your Personal Data
• a right to object to processing that is likely to cause or is causing damage or distress.
If you want to (1) tell us to stop using your Personal Data for direct marketing or withdraw consent from us processing your Personal Data for any of the purposes mentioned in this Notice (2) exercise your subject access rights (3) tell us about inaccurate Personal Data you think we hold on you or (4) object to a use you believe we’re making of your Personal Data which is causing, or is likely to cause damage or distress, please contact our Data Protection Manager or write to us at this address:
For the attention of Aisha Subhani
Aisha Subhani Design Ltd.
aisha@aishasubhanidesign.com
Contact us
We welcome any queries, comments or requests you may have regarding this Privacy Notice. Please do not hesitate to contact us at aisha@aishasubhanidesign.com.
Complaints
If you are unhappy with the way we are processing your Personal Data you can submit a complaint by writing to our Data Protection Manager at aisha@aishasubhanidesign.com.
You are also entitled to make a complaint at the Information Commissioner’s Office https://ico.org.uk/make-a-complaint/
The ICO’s address is:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
