Last Updated: May 25, 2026
dynamo-ridge is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take our data protection responsibilities seriously and strive to be transparent about how we collect, use, and protect your personal data.
For the purposes of UK GDPR, the data controller is:
dynamo-ridge
47 Lothian Road
Edinburgh, EH1 2DJ
United Kingdom
Email: [email protected]
We collect and process the following categories of personal data:
We process personal data under the following legal bases as defined in UK GDPR Article 6:
Processing enrollment information, delivering programs, and fulfilling our service obligations.
Marketing communications and optional activities. You can withdraw consent at any time.
Improving our services, conducting research, and maintaining business operations, provided this does not override your fundamental rights.
Complying with legal requirements such as tax obligations and safeguarding duties.
If we process special category data (such as health information relevant to program participation), we do so only with explicit consent or where necessary for reasons of substantial public interest.
We implement appropriate technical and organizational measures including:
We retain personal data only as long as necessary:
After the retention period, data is securely deleted or anonymized.
You can request a copy of the personal data we hold about you.
You can request correction of inaccurate or incomplete personal data.
You can request deletion of your personal data in certain circumstances, such as when it's no longer necessary for the purpose collected.
You can request limitation on how we process your data while a concern is being addressed.
You can request your data in a structured, commonly used format for transfer to another service.
You can object to processing based on legitimate interests or for direct marketing purposes.
We do not use automated decision-making or profiling that produces legal or similarly significant effects.
To exercise any of these rights, please contact us at [email protected] or write to us at the address above. We will respond to your request within one month, though this may be extended by two additional months for complex requests.
To protect your privacy, we may ask for proof of identity before fulfilling data subject requests.
We do not charge a fee for exercising your rights unless requests are manifestly unfounded or excessive.
We share personal data only when necessary:
We work with third-party service providers who process data on our behalf under strict contractual terms:
All processors are required to implement appropriate security measures and process data only as instructed.
We may disclose personal data if required by law, court order, or regulatory authority.
We primarily store and process data within the United Kingdom. If data is transferred outside the UK, we ensure appropriate safeguards are in place, such as:
In the event of a data breach that poses a risk to your rights and freedoms, we will:
Our programs serve children and young people. We take extra care when processing children's data:
We incorporate data protection principles into everything we do:
We review and update this GDPR compliance statement regularly to reflect changes in our practices or legal requirements. The "Last Updated" date at the top indicates the most recent revision.
If you have concerns about how we handle your personal data, please contact us first so we can address your concern. You also have the right to lodge a complaint with the supervisory authority:
Information Commissioner's Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Phone: 0303 123 1113
Website: dynamo-ridge.com
For questions about data protection or to exercise your rights:
Email: [email protected]
Address: 47 Lothian Road, Edinburgh, EH1 2DJ, United Kingdom