1. Who We Are
Obsidian Dynamics Limited ("we", "us", "our") is a company registered in England & Wales under Company No. 16663833. We operate the websites obsidiandynamics.co.uk, projectskygrid.com, and strait-signal.com (collectively, the "Services").
For the purposes of the UK General Data Protection Regulation (UK GDPR) and The Data Protection Act 2018, we are the data controller.
2. Information We Collect
2.1 Information You Provide
- Contact information: Name, email address, and message content when you submit our contact form.
- Account information: Email address and authentication credentials when you create an account on our platforms.
- Billing information: Payment details processed by our third-party payment processor. We do not store payment card details directly.
2.2 Information Collected Automatically
- Usage data: Pages visited, features accessed, time spent, and interaction patterns.
- Device information: Browser type, operating system, screen resolution, and device identifiers.
- Log data: IP address, access times, referring URLs, and request parameters.
2.3 Cookies
We use essential cookies required for the operation of our Services. We may use analytics cookies to understand how our Services are used. You can control cookie preferences through your browser settings.
3. How We Use Your Information
We use your personal data for the following purposes:
- To provide, operate, and maintain the Services.
- To respond to your enquiries and provide customer support.
- To process transactions and send related notifications.
- To monitor and analyse usage trends to improve the Services.
- To detect, prevent, and address technical issues and security threats.
- To comply with legal obligations.
4. Legal Basis for Processing
Under UK GDPR, we process your personal data on the following legal bases:
- Contract: Processing necessary for the performance of a contract with you (e.g., providing platform access).
- Legitimate interest: Processing necessary for our legitimate business interests (e.g., improving services, security monitoring), where those interests are not overridden by your rights.
- Consent: Where you have provided specific consent for a particular processing activity.
- Legal obligation: Processing necessary to comply with applicable law.
5. Data Sharing
We do not sell your personal data. We may share your information with:
- Service providers: Third-party vendors who assist us in operating the Services (hosting, analytics, payment processing), bound by data processing agreements.
- Legal requirements: When required by law, regulation, or legal process.
- Business transfers: In connection with a merger, acquisition, or sale of assets, subject to appropriate confidentiality requirements.
6. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Account data is retained for the duration of your account plus a reasonable period thereafter. Contact form submissions are retained for 24 months unless you request earlier deletion.
7. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. This includes encryption in transit and at rest, access controls, and regular security assessments.
8. Your Rights
Under UK GDPR, you have the following rights:
- Access: Request a copy of your personal data.
- Rectification: Request correction of inaccurate or incomplete data.
- Erasure: Request deletion of your personal data ("right to be forgotten").
- Restriction: Request restriction of processing in certain circumstances.
- Portability: Request your data in a structured, commonly used, machine-readable format.
- Objection: Object to processing based on legitimate interest.
To exercise any of these rights, please contact us using the details on our contact page.
9. International Transfers
Our Services may involve the transfer of data to countries outside the UK. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.
10. Children's Privacy
Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will post the updated version on this page with a revised "Last updated" date. Continued use of the Services after changes constitutes acceptance of the updated policy.
12. Contact
If you have any questions about this Privacy Policy or our data practices, please contact us through our contact page.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.