Data Protection & GDPR Statement

Our commitment to protecting your personal data

GDPR Compliance Commitment

TEK Optima is committed to protecting your personal data in full compliance with the General Data Protection Regulation (GDPR), UK GDPR, and other applicable data protection laws. This statement outlines how we fulfill our obligations as a data controller and your rights as a data subject.

Data Controller Information

Data Controller: Penny Turner, TEK Optima

Location: Florida, United States

Operating Jurisdictions: USA, United Kingdom, European Union

Contact: contact@tekoptima.com

Legal Basis for Processing

We process personal data only when we have a lawful basis to do so under GDPR Article 6:

  • Consent: Where you have explicitly consented to processing
  • Contract: To perform our consulting services contract with you
  • Legal Obligation: To comply with laws and regulations
  • Legitimate Interests: For business operations that do not override your rights

Your Data Subject Rights

Under GDPR, you have the following rights regarding your personal data:

Right of Access

Request a copy of the personal data we hold about you

Right to Rectification

Request correction of inaccurate or incomplete data

Right to Erasure

Request deletion of your data in certain circumstances

Right to Data Portability

Receive your data in a structured, machine-readable format

Right to Restriction

Request restriction of processing in certain circumstances

Right to Object

Object to processing based on legitimate interests or direct marketing

To exercise any of these rights, contact us at contact@tekoptima.com. We will respond within 30 days.

Data Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk:

  • Encryption of data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security assessments and audits
  • Staff training on data protection
  • Incident response procedures

Data Breach Procedures

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and, where required, notify affected individuals without undue delay.

International Data Transfers

As a global consulting firm operating in the USA, UK, and EU, we may transfer your personal data internationally. We ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • UK International Data Transfer Agreement (IDTA) where applicable
  • Adequacy decisions for transfers to countries with adequate protection
  • Additional security measures for transatlantic data transfers

Supervisory Authority

You have the right to lodge a complaint with your local supervisory authority if you believe we have not complied with data protection laws. For EU residents, find your supervisory authority at edpb.europa.eu. For UK residents, contact the Information Commissioner's Office.

Contact Us

Data Protection Queries:

Email: contact@tekoptima.com

Response Time: 30 days for GDPR requests

Last Updated: December 2025