UK GDPR Compliance

At Illuminate by Beth, we are committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR). This page explains how we comply with your rights under UK GDPR and how you can exercise them.

Scope and Applicability

This compliance page applies to all visitors of Illuminate by Beth (lumibybeth.co.uk), regardless of location. While we are based in New Zealand, we offer our services to individuals in the United Kingdom and therefore comply with UK GDPR when processing personal data of UK residents.

Your Rights Under UK GDPR

Under UK GDPR, you have the following rights:

• Right of access – You can request a copy of the personal data we hold about you.
• Right to rectification – You can request correction of any inaccurate or incomplete personal data.
• Right to erasure – You can request deletion of your personal data in certain circumstances.
• Right to restrict processing – You can request we limit how we use your data.
• Right to data portability – You can request your data in a structured, commonly used format.
• Right to object – You can object to our processing of your data based on legitimate interests.
• Right to withdraw consent – If we rely on your consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection.

How We Comply

Illuminate by Beth is an informational blog-style website with no user registration, account system, or database storing personal information. We do not collect or store names, email addresses, or other identifiers unless voluntarily submitted via our contact form. Any personal data collected is limited to:

• IP addresses (via analytics tools)
• Cookies and similar technologies for site functionality and performance
• Browser and device information for analytics purposes

We use only necessary, anonymised, and aggregated data. We do not sell, share, or profile personal data for advertising purposes.

Data We Process

The only personal data we process under UK GDPR includes:

• Technical identifiers such as IP addresses and cookie IDs
• Usage patterns via Google Analytics (anonymised)
• Information voluntarily provided via our contact form (name and message)

No sensitive personal data is collected.

Legal Basis for Processing

We process personal data under the following lawful bases:

• Legitimate interests – For site performance, analytics, and security (e.g., detecting abuse)
• Consent – For non-essential cookies, which you can manage via our cookie banner
• Contractual necessity – Only when you submit a contact form to request information

How to Exercise Your Rights

To exercise any of your rights under UK GDPR, please send a request to our data protection contact:

Email: [email protected]

Include your full name, the right you wish to exercise, and any relevant details (e.g., email used on the contact form). We will verify your identity before responding.

Response Timeframes

We will respond to your request within one month of receipt. If your request is complex or numerous, we may extend this by up to two additional months and will inform you within one month.

No Discrimination Policy

We will not deny you services, charge different prices, or provide a different quality of service because you exercised your rights under UK GDPR.

Updates and Changes

We may update this page periodically to reflect changes in law or our practices. The most recent version will always be posted here with an updated effective date.

Contact Information

If you have any questions about this compliance page or wish to exercise your rights, please contact:

Name: Aurora Waverley
Email: [email protected]
Address: Eastern Waterfront, Mission Bay, Auckland 1071, New Zealand

For complaints regarding our data practices, you may also contact the Information Commissioner’s Office (ICO) at ico.org.uk.