GDPR Compliance

Last updated: 12/31/2025

Part I: Principles of Data Protection

1. Core Principles (Article 5)

Ark Platforms Europe Limited adheres strictly to the fundamental principles of the UK GDPR and EU GDPR. We ensure that personal data is: processed lawfully, fairly, and transparently; collected for specific, explicit, and legitimate purposes; adequate, relevant, and limited to what is necessary (data minimization); accurate and kept up to date; and processed in a manner that ensures appropriate security.

2. Accountability

We take full responsibility for our data processing activities. Our internal records, Privacy Impact Assessments (PIAs) for large-scale development projects, and regular staff training reflect our commitment to demonstrating compliance with global data protection standards.

Part II: Your 8 Fundamental Rights

1. Right to be Informed

You have the right to clear and transparent information about how we use your personal data.

2. Right of Access

You can request copies of the personal data we hold about you via a Subject Access Request (SAR).

3. Right to Rectification

You have the right to have inaccurate or incomplete personal data corrected.

4. Right to Erasure

Also known as the "right to be forgotten," you can request the deletion of your data in specific cases.

5. Right to Restrict Processing

You can request that we limit the way we use your data under certain circumstances.

6. Right to Data Portability

You can request that we transfer your data to another service provider in a machine-readable format.

7. Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing.

8. Rights in Automated Decisions

You have rights regarding decisions made without human intervention, specifically profiling.

Part III: Lawful Basis for Processing

3. Determination of Basis

We process your personal data under the following lawful bases:

  • Contract: Necessary to deliver our services (e.g., Software Solutions, Company Formation).
  • Consent: When you explicitly agree to marketing communications or specific cookie types.
  • Legal Obligation: To comply with financial regulations and anti-money laundering (AML) laws.
  • Legitimate Interest: For the improvement of our Site and the security of our infrastructure.

Part IV: International Data Transfers

4. Cross-Border Safeguards

As Ark Platforms operates globally, particularly between the UK and US, your data may be transferred outside the UK. In such cases, we ensure that adequate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission and the UK Information Commissioner’s Office (ICO). This ensures that your data receives the same level of protection regardless of its geographical location.

Part V: Data Subject Access Request (DSAR) Protocol

5. How to Exercise Your Rights

To submit a formal request for access to your data or to exercise any of your rights, please follow these steps:

  1. Send an email to privacy@arkplatforms.com with the subject "DSAR Request".
  2. Provide sufficient proof of identity (we may ask for a copy of a government-issued ID).
  3. Specify which rights you wish to exercise and the scope of the data involved.

We will respond to your request within one month of receipt. In cases of complex requests, we may extend this period by a further two months, in which case we will notify you of the delay.

Part VI: Data Protection Officer & Supervision

6. Contacting the DPO

Ark Platforms has appointed an internal Data Protection Officer (DPO). If you have any questions or complaints about how we handle your data, please contact the DPO at dpo@arkplatforms.com.

7. Right to Lodge a Complaint

If you are not satisfied with our response or believe we are processing your data unlawfully, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) in the UK (www.ico.org.uk) or your local tracking supervisory authority.