General Data Protection Regulation (GDPR) Compliance
Gold Central is committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR). This page explains how we process personal data and outlines your rights under the GDPR.
Legal Basis for Processing
We process personal data on the following legal bases:
- Consent: Where you have given clear consent for us to process your personal data for a specific purpose
- Contract: Where processing is necessary for the performance of a contract with you
- Legitimate Interests: Where processing is necessary for our legitimate interests or the legitimate interests of a third party, except where such interests are overridden by your interests or fundamental rights
- Legal Obligation: Where processing is necessary for compliance with a legal obligation
Data Processing Activities
Gold Central processes personal data for the following purposes:
| Purpose | Data Categories | Legal Basis | Retention Period |
|---|---|---|---|
| Providing gold calculator services | Technical data (IP address, browser info, device info), Calculator inputs | Legitimate interests | Session duration only |
| Responding to contact inquiries | Contact information (name, email), Inquiry content | Consent | 2 years after last interaction |
| Price alert subscriptions | Contact information (email, phone), Alert preferences | Consent | Until unsubscribe |
| Website analytics | Anonymized usage data | Legitimate interests | 26 months |
Your Rights Under GDPR
Under the GDPR, you have the following rights regarding your personal data:
International Data Transfers
Gold Central primarily processes personal data within the United Kingdom and European Economic Area (EEA). Where data may be transferred outside the EEA, we ensure appropriate safeguards are in place to protect your data, such as Standard Contractual Clauses.
Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These include:
- Encryption of data in transit using SSL/TLS
- Regular security assessments
- Access controls and authentication measures
- Staff training on data protection and security
Data Breach Procedures
In the unlikely event of a data breach that affects your personal data, we will:
- Notify the relevant supervisory authority (ICO) within 72 hours of becoming aware of the breach
- Notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms
- Document the breach and our response as required by the GDPR
Data Protection Officer
While not required by law for our organization, we have designated a contact person for data protection matters who can be reached at the email address below.
Exercising Your Rights
To exercise any of your rights under the GDPR, please contact us at info@goldcentral.co.uk. We will respond to your request within one month.
You also have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data infringes the GDPR. In the UK, the supervisory authority is the Information Commissioner's Office (ICO) at https://ico.org.uk/.
Last updated: May 11, 2025