Last updated: May 10, 2026
Cobalt Horizons is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take our data protection responsibilities seriously and have implemented appropriate measures to ensure your personal data is processed lawfully, fairly, and transparently.
For the purposes of UK GDPR, the data controller is:
Cobalt Horizons
47 Aldgate Street
London, EC3N 1AL
United Kingdom
Email: [email protected]
We process your personal data under the following lawful bases:
When you submit an inquiry form, subscribe to communications, or accept cookies, you provide explicit consent for us to process your data for specified purposes. You can withdraw consent at any time.
When you engage our services, we process data necessary to fulfill our contractual obligations, including project delivery, invoicing, and communication.
We process certain data based on our legitimate business interests, such as:
We conduct legitimate interest assessments to ensure our interests do not override your rights and freedoms.
We process data when required to comply with legal obligations, such as tax reporting, regulatory requirements, or response to lawful requests from authorities.
Under UK GDPR, you have the following rights regarding your personal data:
You have the right to request copies of your personal data. We may charge a reasonable fee if your request is clearly unfounded or excessive.
You have the right to request correction of inaccurate or incomplete personal data.
You have the right to request deletion of your personal data under certain circumstances, including:
You have the right to request restriction of processing your personal data in certain situations, such as when you contest the accuracy of the data.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.
We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.
To exercise any of your GDPR rights, please contact us at [email protected] with "GDPR Request" in the subject line. Include:
We will respond to your request within one month. In complex cases, we may extend this by two additional months and will inform you of any delay.
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:
We implement appropriate technical and organizational measures to protect your personal data, including:
In the event of a personal data breach likely to result in a high risk to your rights and freedoms, we will notify you without undue delay. We will also report the breach to the ICO within 72 hours where required.
We work with carefully selected third-party processors who assist in providing our services. All processors are contractually bound to process data in accordance with UK GDPR requirements. We conduct due diligence to ensure adequate data protection measures are in place.
When we transfer personal data outside the UK, we ensure appropriate safeguards are in place, such as:
We do not knowingly collect or process personal data from individuals under 18 years of age. Our services are directed at businesses and professional audiences.
We may update this GDPR compliance statement periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes through our website or direct communication.
If you have questions about our GDPR compliance or wish to file a complaint, please contact us:
Email: [email protected]
Subject: GDPR Inquiry
You have the right to lodge a complaint with the supervisory authority:
Information Commissioner's Office (ICO)
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Telephone: 0303 123 1113
Website: cobalt-horizons.com