GDPR Compliance Statement

Last updated: May 2026

Our Commitment to GDPR

Zenith Move is committed to full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We respect your privacy rights and handle your personal data with care and transparency.

Data Controller Information

Zenith Move acts as the data controller for personal information collected through our website and services.

Contact Details:
Zenith Move
42 Deansgate Mews
Manchester M3 2FF
United Kingdom
Email: [email protected]

Lawful Basis for Data Processing

We process personal data under the following lawful bases:

Contract (Article 6(1)(b))

Processing necessary to fulfill our service delivery obligations when you book a program.

Legitimate Interests (Article 6(1)(f))

Processing for:

  • Improving our services and educational content
  • Website functionality and security
  • Direct marketing where we have an existing relationship

Consent (Article 6(1)(a))

Processing based on your explicit consent for specific activities, such as marketing communications or non-essential cookies.

Legal Obligation (Article 6(1)(c))

Processing required to comply with UK legal and regulatory requirements.

Your GDPR Rights

Right to Access

You can request a copy of the personal data we hold about you.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data in certain circumstances.

Right to Restrict Processing

You can request limitation of how we process your data under specific conditions.

Right to Data Portability

You can request your data in a structured, commonly used format for transfer to another controller.

Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision Making

We do not use automated decision-making or profiling that produces legal effects or significantly affects you.

Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time without affecting prior processing.

Exercising Your Rights

To exercise any of these rights, contact us at [email protected] with:

  • Your full name
  • Email address associated with our services
  • Description of your request

We will respond within one month. Complex requests may require up to three months, and we will inform you of any extension.

Data Protection Principles

We adhere to the following GDPR principles:

  • Lawfulness, fairness, and transparency: We process data lawfully and communicate clearly about our practices
  • Purpose limitation: We collect data for specific, legitimate purposes
  • Data minimization: We only collect data necessary for our purposes
  • Accuracy: We maintain accurate and up-to-date records
  • Storage limitation: We retain data only as long as necessary
  • Integrity and confidentiality: We protect data with appropriate security measures
  • Accountability: We demonstrate compliance through documentation and policies

Data Security Measures

We implement technical and organizational measures including:

  • Encryption of data in transit and at rest
  • Access controls and authentication
  • Regular security assessments
  • Staff training on data protection
  • Incident response procedures

Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the ICO within 72 hours and inform affected individuals without undue delay.

International Data Transfers

We primarily process data within the United Kingdom. Any international transfers comply with UK GDPR requirements through appropriate safeguards.

Third-Party Processors

We work with carefully selected third-party processors who meet GDPR standards. All processors are bound by data processing agreements ensuring GDPR compliance.

Children's Data

We do not process personal data of children under 13 without verified parental consent. Parents or legal guardians must provide consent for program bookings involving minors.

Complaints and Supervisory Authority

If you believe we have not handled your data in compliance with GDPR, you can lodge a complaint with:

Information Commissioner's Office (ICO)
Website: ico.org.uk
Helpline: 0303 123 1113

Policy Updates

We review this GDPR compliance statement regularly and update it as necessary to reflect changes in our practices or legal requirements.