Your data protection rights
Verdant Rain Culinary Services is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page explains your rights and how we protect your personal data.
Verdant Rain Culinary Services acts as the data controller for personal information collected through our website and services. This means we determine the purposes and means of processing your personal data.
Contact details:
Verdant Rain Culinary Services
47 Rosemary Lane
Cirencester, Gloucestershire
GL7 2PQ
Email: [email protected]
As a data subject, you have the following rights:
You have the right to request a copy of the personal information we hold about you. This is commonly known as a Subject Access Request (SAR). We will respond to your request within one month.
If you believe any information we hold about you is inaccurate or incomplete, you have the right to request correction. We will respond within one month of receiving your request.
Also known as the "right to be forgotten", you can request deletion of your personal data in certain circumstances, including when the data is no longer necessary for the purpose it was collected.
You can request that we limit how we use your personal data while we verify its accuracy or while you exercise other rights.
You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.
You can object to processing of your personal data based on legitimate interests or for direct marketing purposes. We will stop processing unless we can demonstrate compelling legitimate grounds.
You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects. We do not currently use automated decision-making.
We process personal data under the following lawful bases:
We collect and process the following categories of personal data:
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Specific retention periods are outlined in our Privacy Policy.
We primarily process data within the United Kingdom. Where we transfer data outside the UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK authorities.
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the Information Commissioner's Office (ICO) within 72 hours and, where required, inform you directly.
To exercise any of your rights, please contact us at [email protected]. We may need to verify your identity before processing your request. There is no fee for exercising your rights, though we may charge a reasonable fee for manifestly unfounded or excessive requests.
If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire
SK9 5AF
Website: ico.org.uk
We may update this GDPR information from time to time. Any changes will be posted on this page with an updated revision date.
Last updated: 3 June 2026