GDPR Compliance

Last updated: May 2026

Our Commitment to GDPR

Young Money Edinburgh is committed to full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Legal Basis for Processing

We process your personal data under the following legal bases:

Your GDPR Rights

Under GDPR, you have comprehensive rights regarding your personal data:

Right of Access

You can request a copy of the personal data we hold about you.

Right to Rectification

You can request correction of inaccurate or incomplete data.

Right to Erasure

You can request deletion of your personal data in certain circumstances.

Right to Restriction

You can request that we limit how we use your data.

Right to Data Portability

You can request your data in a structured, commonly used format.

Right to Object

You can object to processing based on legitimate interests or direct marketing.

Rights Related to Automated Decision Making

We do not use automated decision-making or profiling that produces legal effects.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

International Data Transfers

Your personal data is stored and processed within the United Kingdom. If we need to transfer data internationally, we ensure appropriate safeguards are in place.

Data Protection Officer

For any questions about how we handle your data or to exercise your rights, please contact us at:

[email protected]

Right to Lodge a Complaint

You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated.

ICO Website: ico.org.uk

How to Exercise Your Rights

To exercise any of your GDPR rights, please email us at [email protected] with your request. We will respond within one month.