GDPR Compliance

Last updated: May 2026

MoneySkills Edinburgh is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page provides information about how we handle your personal data in accordance with these regulations.

Data Controller

MoneySkills Edinburgh is the data controller responsible for your personal data. Our contact details are:

MoneySkills Edinburgh
14 Morrison Street
Edinburgh EH3 8BJ
Email: [email protected]

Lawful Basis for Processing

We process personal data under the following lawful bases:

  • Contract: Processing necessary to fulfil our contractual obligations when you book our services
  • Legitimate interests: Processing necessary for our legitimate business interests, such as improving our services and communicating with you
  • Consent: Where you have given us explicit consent to process your data for specific purposes, such as marketing communications
  • Legal obligation: Processing necessary to comply with our legal obligations

Your Rights Under UK GDPR

Under UK GDPR, you have the following rights:

Right of Access

You have the right to request a copy of the personal data we hold about you. We will respond to your request within one month.

Right to Rectification

You have the right to request that we correct any inaccurate personal data or complete any incomplete data we hold about you.

Right to Erasure

You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purpose it was collected.

Right to Restriction of Processing

You have the right to request that we restrict processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

Right to Object

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision-Making

You have rights related to automated decision-making and profiling. We do not currently use automated decision-making that produces legal effects concerning you.

Exercising Your Rights

To exercise any of these rights, please contact us using the details above. We may need to verify your identity before processing your request. We will respond to your request within one month, though this may be extended by two months for complex requests.

Data Protection for Children

Given that our services involve children, we take additional care with data relating to minors:

  • We obtain parental consent before collecting data about children
  • Parents may exercise data protection rights on behalf of their children
  • We minimise the data we collect about children to what is necessary for our educational services
  • Children's data is stored securely with restricted access

International Data Transfers

We primarily store and process data within the United Kingdom. If we transfer data outside the UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the ICO.

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours. If the breach is likely to result in a high risk, we will also notify you directly.

Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Website: ico.org.uk

Updates to This Notice

We may update this GDPR notice from time to time. Any changes will be posted on this page with an updated revision date.

We use cookies to improve your experience on our site. By continuing to browse, you agree to our Cookies Policy.