GDPR Privacy Notice

How we comply with the General Data Protection Regulation (GDPR)

Brisk is in compliance with the General Data Protection Regulation (GDPR). We are providing this privacy notice for UK and EU residents to supplement the information and disclosures already contained in our Privacy Policy.

Interpretation

The “personal information” referenced in our Privacy Policy means “personal data” as that term is defined under the EU GDPR and its UK GDPR counterpart.

Brisk is a data controller for the personal data collected from our customers. For the personal data of end users that access or use our customers’ websites, we are only a data processor on their behalf.

Your rights under GDPR

GDPR gives certain privacy rights to UK and EU residents. We believe you should be able to access and control your personal data no matter where you live, so we make sure that every user is entitled to the following:

  • The right to access – You have the right to request for copies of your personal data.

  • The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request us to complete the information you believe is incomplete.

  • The right to erasure – You have the right to request that we erase your personal data, under certain conditions.

  • The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.

  • The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.

  • The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us as described in the Contact Us section of our Privacy Policy.

International transfers

We primarily store and process your personal data in the UK and the European Economic Area (EEA). The nature of our business requires us maintain servers around the world and therefore we may need to transfer your data outside the EEA.

When we transfer your information across borders, we take steps to protect your information and comply with legal frameworks that establish an equivalent level of protection with EU law: