GDPR Compliance Statement

Last Updated: June 1, 2026

Our Commitment to GDPR

Flexorin CapitalTech is committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page outlines how we comply with these regulations and respect your data protection rights.

Data Controller

Flexorin CapitalTech is the data controller responsible for your personal data. Our contact details are:

Flexorin CapitalTech
127 Kingsway
London WC2B 6NH
United Kingdom
Email: [email protected]

Lawful Basis for Processing

We process your personal data under the following lawful bases:

• Consent: When you explicitly agree to our processing of your data for specific purposes (e.g., marketing communications)
• Contract: When processing is necessary to fulfill our contractual obligations to provide you with our coaching services
• Legitimate Interests: When we have a legitimate business interest that does not override your rights and freedoms
• Legal Obligation: When we are required to process data to comply with legal or regulatory requirements

Your Data Protection Rights

Under UK GDPR, you have the following rights regarding your personal data:

1. Right to Access

You have the right to request copies of your personal data. We may charge a reasonable fee for additional copies.

2. Right to Rectification

You have the right to request correction of any inaccurate or incomplete personal data we hold about you.

3. Right to Erasure

You have the right to request deletion of your personal data in certain circumstances, such as when it is no longer necessary for the purposes for which it was collected.

4. Right to Restrict Processing

You have the right to request restriction of processing of your personal data in certain circumstances.

5. Right to Object

You have the right to object to processing of your personal data where we rely on legitimate interests as the lawful basis.

6. Right to Data Portability

You have the right to request transfer of your personal data to another organization or directly to you, in a structured, commonly used, and machine-readable format.

7. Rights Related to Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

How to Exercise Your Rights

To exercise any of your data protection rights, please contact us via email at [email protected] or by post at the address above. We will respond to your request within one month, though this may be extended by up to two additional months in complex cases.

When making a request, please provide:

• Your full name and contact details
• Details of your specific request
• Proof of identity (to prevent unauthorized disclosure)

Data Security

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication requirements
• Staff training on data protection
• Secure backup and disaster recovery procedures

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you without undue delay. We will also report qualifying breaches to the Information Commissioner's Office (ICO) within 72 hours of becoming aware of the breach.

Data Protection by Design and Default

We implement data protection principles into our processing activities and business practices from the design stage, ensuring that:

• Only necessary personal data is collected and processed
• Data is accurate and kept up to date
• Data is retained only for as long as necessary
• Appropriate security measures are in place

Third-Party Processing

When we engage third-party processors to handle your personal data, we ensure:

• Processors provide sufficient guarantees of compliance with UK GDPR
• Data Processing Agreements are in place
• Appropriate security measures are implemented
• Processing is only carried out on our documented instructions

International Data Transfers

If we transfer your personal data outside the UK, we ensure adequate protection through:

• Transfer to countries with adequacy decisions
• Use of Standard Contractual Clauses
• Other appropriate safeguards approved under UK GDPR

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

• Client coaching records: 7 years after program completion
• Financial transaction records: 7 years (legal requirement)
• Marketing communications: Until consent is withdrawn
• Website analytics: 26 months

Marketing Communications

We will only send you marketing communications if you have provided explicit consent. You can withdraw consent at any time by:

• Clicking the unsubscribe link in any email
• Contacting us directly at [email protected]

Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with UK GDPR, you have the right to lodge a complaint with the supervisory authority:

Information Commissioner's Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
United Kingdom
Telephone: 0303 123 1113
Website: ico.org.uk

Updates to This Statement

We may update this GDPR Compliance Statement from time to time to reflect changes in our practices or legal requirements. The "Last Updated" date at the top of this page indicates when the statement was last revised.

Contact Us

If you have any questions about our GDPR compliance or data protection practices, please contact us at [email protected]