Last updated: June 18, 2026
The General Data Protection Regulation is a comprehensive data protection law that governs how we collect, process, and protect personal data of individuals within the European Union and the United Kingdom. This page explains our GDPR compliance practices and your rights under this regulation.
For the purposes of GDPR, darkling-meadow acts as the data controller for personal information collected through our website and services. We are responsible for determining how and why your personal data is processed.
We process your personal data based on the following legal grounds:
As a data subject, you have the following rights regarding your personal information:
You have the right to request confirmation of whether we process your personal data and to obtain a copy of that data. We will provide this information in a clear and understandable format.
If your personal information is inaccurate or incomplete, you have the right to request that we correct or complete it.
Also known as the "right to be forgotten," you can request deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
You have the right to request that we limit how we use your personal data in specific situations, such as when you contest the accuracy of the data or object to our processing.
You can request to receive your personal data in a structured, commonly used, and machine-readable format, and you have the right to transmit that data to another controller.
You have the right to object to our processing of your personal data when we rely on legitimate interests as the legal basis for processing.
Where we process your data based on consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with the relevant supervisory authority in your country.
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
After the retention period expires, we securely delete or anonymize your personal data.
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
Your personal data is primarily processed and stored within the United Kingdom. If we transfer data outside the UK or EU, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the relevant authorities.
In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach poses a high risk to your rights, we will also notify you directly without undue delay.
We do not knowingly collect or process personal data from individuals under 16 years of age. If we become aware that we have collected such data, we will take immediate steps to delete it.
We do not use your personal data for automated decision-making, including profiling, that produces legal effects or similarly significantly affects you.
To exercise any of your GDPR rights, please contact us at [email protected]. We will respond to your request within one month, though this period may be extended by two additional months for complex requests. We will inform you of any such extension within the initial one-month period.
We may need to verify your identity before processing your request to ensure we are disclosing information only to the rightful data subject.
We may update this GDPR information periodically to reflect changes in our practices or legal requirements. Any updates will be posted on this page with a revised "Last updated" date.
For any questions, concerns, or requests related to GDPR compliance or your data protection rights, please contact us at [email protected].