Final Pixel Data Protection Policy

1. Introduction

Final Pixel is committed to protecting the privacy and security of personal data. This policy outlines how we collect, process, store, and protect personal information in compliance with the UK General Data Protection Regulation (UK-GDPR) 2021 and the Data Protection Act 2018.

2. Lawful Basis for Processing Personal Data

Final Pixel processes personal data under one or more of the following lawful bases:

● Consent – Where the individual has given explicit consent.

● Contractual Necessity – Where processing is required to fulfill a contract.

● Legal Obligation – Where processing is necessary to comply with a legal requirement.

● Legitimate Interests – Where processing is essential for the legitimate interests of Final Pixel, provided these do not override individual rights.

3. Data Subject Access Requests (DSAR)

Individuals have the right to request access to their personal data held by Final Pixel. To make a Data Subject Access Request (DSAR):

● Submit a written request via info@finalpixel.com.

● Provide sufficient information to verify your identity.

● Requests will be responded to within 30 calendar days unless an extension is required due to complexity.

● In certain cases, a nominal fee may be charged to cover administrative costs.

4. Individual Rights Under UK-GDPR

Under UK-GDPR, individuals have the following rights:

● Right to Access – Request a copy of your personal data.

● Right to Rectification – Request correction of inaccurate or incomplete data.

● Right to Erasure – Request deletion of your data where legally applicable.

● Right to Restrict Processing – Request limits on how your data is processed.

● Right to Data Portability – Request to receive data in a structured, commonly used format.

● Right to Object – Object to processing based on legitimate interests or for direct marketing.

● Rights Related to Automated Decision-Making – Challenge decisions made solely by automated means.

To exercise any of these rights, contact info@finalpixel.com.

5. Data Retention & Storage

Final Pixel retains personal data only for as long as necessary to fulfill its intended purpose or comply with legal obligations. Once data is no longer required, it will be securely deleted or anonymised. 

Personal data is stored securely using industry-standard technical and organisational measures to protect against unauthorised access, alteration, disclosure, or destruction.

6. Data Security & Breach Notification

Final Pixel takes security seriously and has procedures in place to detect, investigate, and respond to potential data breaches.

● If a personal data breach occurs, Final Pixel will assess the risk to individuals and report it to the UK Information Commissioner’s Office (ICO) within 72 hours, if required.

● If the breach poses a high risk to individuals, those affected will be notified as soon as possible.

7. Third-Party Data Sharing & International Transfers

Final Pixel may share personal data with third-party service providers (e.g., cloud hosting, payroll services, analytics), but only where necessary for business operations. All third parties must comply with UK-GDPR and contractual obligations regarding data security.

If personal data is transferred outside the UK/EU, Final Pixel ensures adequate safeguards are in place, such as Standard Contractual Clauses (SCCs) or UK Data Transfer Agreements.

8. Complaints & Escalation

If you have concerns about how your data is processed, you can contact info@finalpixel.com.

9. Exceptions & Exemptions

Final Pixel is not obliged to comply with a DSAR if the request is similar or identical to a previous request unless a reasonable interval has elapsed. Other exemptions under UK-GDPR may also apply.

Policy Last Updated: 4 April 2025

Final Pixel reserves the right to update this policy as required to comply with legal and business requirements.