Last updated: 8 May 2026
bytelens is committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page explains how we comply with these regulations and what rights you have regarding your personal information.
For the purposes of data protection law, bytelens is the data controller responsible for your personal information. Our contact details are:
Email: [email protected]
Address: 42 Kingsway Avenue, Manchester, M20 4GB, United Kingdom
We process personal data only when we have a lawful basis to do so. The legal grounds we rely on include:
Where you have given clear consent for us to process your personal data for a specific purpose (e.g., marketing communications).
Where processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract (e.g., enrolling in a programme).
Where we need to process your data to comply with legal requirements (e.g., financial record-keeping).
Where processing is necessary for our legitimate interests or those of a third party, except where such interests are overridden by your rights and interests (e.g., improving our services, preventing fraud).
You have the right to clear, transparent information about how we use your personal data. This information is provided in our Privacy Policy.
You can request a copy of the personal data we hold about you. This is known as a Subject Access Request (SAR). We will respond within one month of receiving your request.
If your personal data is inaccurate or incomplete, you have the right to request that we correct or complete it.
Also known as the "right to be forgotten," you can request deletion of your personal data in certain circumstances, such as:
You can request that we limit how we use your personal data in certain situations, such as while we verify the accuracy of data you've challenged.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
You can object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests.
We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on you.
To exercise any of your GDPR rights, please contact us at [email protected]. Include the following in your request:
We will respond to your request within one month. In complex cases, we may extend this by two months and will inform you of any delay.
We adhere to the following GDPR principles when processing personal data:
In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify you and the Information Commissioner's Office (ICO) within 72 hours of becoming aware of the breach.
We store and process your data within the United Kingdom. If we need to transfer data outside the UK, we will ensure appropriate safeguards are in place to protect your information in accordance with GDPR requirements.
While our services focus on children and teenagers, we obtain consent from parents or legal guardians before collecting personal data from anyone under 16 years of age.
For questions about data protection or to exercise your rights, contact our data protection team at [email protected].
If you believe we have not complied with GDPR, you have the right to lodge a complaint with the supervisory authority:
Information Commissioner's Office (ICO)
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Phone: 0303 123 1113
Website: www.ico.org.uk
We may update this GDPR compliance information as regulations evolve or our practices change. Please check this page periodically for updates.