GDPR Compliance

Last Updated: May 10, 2026

Our Commitment to UK GDPR

Silicon Flare is fully committed to compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page outlines how we meet our obligations and protect your data rights.

Data Controller Information

Data Controller: Silicon Flare Pension Advisory
Registered Address: 42 Broadwick Street, London, W1F 7AF, United Kingdom
Contact Email: [email protected]
ICO Registration Number: ZB347821

Your Data Protection Rights

Under UK GDPR, you have the following rights with respect to your personal data:

1. Right to Be Informed

You have the right to be informed about the collection and use of your personal data. We provide this information through our Privacy Policy and this GDPR compliance page.

2. Right of Access

You can request access to the personal data we hold about you. This is commonly known as a "subject access request" (SAR). We will provide you with:

  • Confirmation that we are processing your personal data
  • A copy of your personal data
  • Information about how we use your data

We will respond to your request within one month, free of charge.

3. Right to Rectification

If your personal data is inaccurate or incomplete, you have the right to request that we correct or complete it. We will respond within one month and notify any third parties with whom we have shared your data.

4. Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data when:

  • The data is no longer necessary for the purpose it was collected
  • You withdraw consent (where processing was based on consent)
  • You object to the processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed
  • Erasure is required for compliance with a legal obligation

Please note that this right is not absolute. We may be required to retain certain information to comply with legal or regulatory obligations, particularly FCA requirements for financial services records.

5. Right to Restrict Processing

You can request that we restrict the processing of your personal data in certain circumstances, such as when:

  • You contest the accuracy of the data
  • Processing is unlawful but you don't want the data erased
  • We no longer need the data, but you need it for legal claims
  • You have objected to processing and verification is pending

6. Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format. You can also request that we transfer this data directly to another controller where technically feasible.

7. Right to Object

You can object to processing of your personal data based on:

  • Legitimate interests or performance of a task in the public interest
  • Direct marketing (we will stop immediately)
  • Scientific, historical research, or statistical purposes

8. Rights Related to Automated Decision Making and Profiling

Silicon Flare does not use automated decision-making or profiling for any aspect of our service delivery. All pension advice and recommendations are provided by qualified human advisors.

How to Exercise Your Rights

To exercise any of your data protection rights, please contact us:

  • Email: [email protected] with the subject line "GDPR Request"
  • Post: Data Protection Officer, Silicon Flare, 42 Broadwick Street, London, W1F 7AF

We may need to verify your identity before processing your request. We will respond within one month, or inform you if we need an extension (up to two additional months for complex requests).

Lawful Basis for Processing

We process your personal data under one or more of the following lawful bases:

  • Consent: You have given clear consent for us to process your personal data for a specific purpose
  • Contract: Processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
  • Legal obligation: Processing is necessary for us to comply with the law (e.g., FCA requirements)
  • Legitimate interests: Processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those interests

Data Security Measures

We have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data in transit and at rest
  • Regular security testing and vulnerability assessments
  • Access controls with role-based permissions
  • Multi-factor authentication for system access
  • Regular staff training on data protection
  • Incident response procedures
  • Regular backups and disaster recovery plans

Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will:

  • Notify the Information Commissioner's Office (ICO) within 72 hours of becoming aware of the breach
  • Notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms
  • Provide clear information about the nature of the breach and steps being taken to address it

International Data Transfers

We primarily process data within the United Kingdom. If we need to transfer your data outside the UK, we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions by the UK government
  • Standard contractual clauses approved by the ICO
  • Binding corporate rules

Data Protection Officer

While not legally required to appoint a Data Protection Officer, we have designated a responsible person for data protection matters:

Contact: [email protected] (Attn: Data Protection)

Children's Privacy

Our services are not directed to individuals under the age of 18, and we do not knowingly collect personal data from children.

Complaints

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the supervisory authority:

Information Commissioner's Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF

Website: silicon-flare.com
Helpline: 0303 123 1113

Updates to This Page

We may update this GDPR compliance information from time to time to reflect changes in our practices or legal requirements. Please check this page periodically for updates.