GDPR Compliance Statement

Last updated: May 14, 2026

Our Commitment to GDPR

quick-harbor is committed to complying with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. This page outlines how we meet our obligations and protect your rights under these regulations.

Data Controller

quick-harbor is the data controller for personal information collected through our website and services.

Contact details:
quick-harbor
45 Wellington Street
London WC2E 7BN
United Kingdom
Email: [email protected]

Legal Basis for Processing

We process personal data under the following legal bases:

  • Consent: When you provide explicit consent for enrollment or communications
  • Contract: To fulfill our contractual obligations when you enroll in our programs
  • Legitimate Interests: To operate and improve our services, where not overridden by your rights
  • Legal Obligation: To comply with applicable laws and regulations

Your Rights Under GDPR

You have the following rights regarding your personal data:

Right to Access

You can request confirmation of whether we process your personal data and access to that data.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data in certain circumstances.

Right to Restriction of Processing

You can request that we limit processing of your personal data in specific situations.

Right to Data Portability

You can request a copy of your data in a structured, commonly used, machine-readable format.

Right to Object

You can object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that significantly affects you. We do not currently use automated decision-making processes.

Right to Withdraw Consent

Where processing is based on consent, you can withdraw that consent at any time.

How to Exercise Your Rights

To exercise any of these rights, contact us at [email protected] with:

  • Your full name
  • The email address associated with your account
  • A clear description of your request

We will respond to your request within one month. In complex cases, this may be extended to three months, and we will inform you of the extension.

Data Protection Principles

We adhere to the following data protection principles:

  • Lawfulness, Fairness, and Transparency: We process data lawfully, fairly, and transparently
  • Purpose Limitation: We collect data for specific, explicit, and legitimate purposes
  • Data Minimization: We collect only data that is adequate, relevant, and necessary
  • Accuracy: We keep data accurate and up to date
  • Storage Limitation: We retain data only as long as necessary
  • Integrity and Confidentiality: We protect data with appropriate security measures
  • Accountability: We demonstrate compliance with these principles

Data Security Measures

We implement appropriate technical and organizational measures including:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication
  • Staff training on data protection
  • Secure data backup procedures
  • Incident response procedures

Data Breach Notification

In the event of a personal data breach likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay.

International Data Transfers

We primarily store and process data within the United Kingdom and European Economic Area. If data is transferred outside these regions, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.

Third-Party Processors

We work with carefully selected third-party processors who are GDPR-compliant. All processors are bound by data processing agreements that ensure they meet GDPR standards.

Children's Data

Our services involve children's education. We obtain parental consent before collecting any personal information about children under 16. Parents have the right to access, modify, or delete their child's information at any time.

Right to Lodge a Complaint

If you believe we have not complied with GDPR, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Phone: 0303 123 1113
Website: ico.org.uk

Updates to This Statement

We may update this GDPR Compliance Statement to reflect changes in our practices or legal requirements. The updated version will be posted on this page with a revised date.

Contact Us

For any questions or concerns about GDPR compliance or data protection:

Email: [email protected]