1. Introduction
This Data Protection Complaints Policy explains how individuals can raise concerns about the way Rockabill Virtual Support (“we”, “us”, “our”) handles personal information.
It is intended to provide a clear and accessible process for making data protection complaints and to support compliance with UK data protection law, including UK GDPR and the Data Protection Act 2018.
We are committed to handling personal data lawfully, fairly, and transparently. If you believe your data has been processed incorrectly or unfairly, you have the right to raise a complaint.
2. Purpose
The purpose of this policy is to:
- Provide a clear procedure for individuals to raise concerns about how their personal data has been handled
- Ensure complaints are dealt with promptly, fairly, and consistently
- Support our compliance with UK GDPR and the Data Protection Act 2018
3. Scope
This policy applies to any data subject whose personal information has been processed by Rockabill Virtual Support.
Complaints may relate to, but are not limited to:
- Dissatisfaction with a response to a Subject Access Request (SAR) or other data rights request
- Concerns about a possible personal data breach
- Concerns about how personal data has been collected, stored, used, shared, or retained
- Belief that personal data is inaccurate or has been kept longer than necessary
4. How To Make A Complaint
If you wish to make a complaint under this policy, you can contact:
Brenda Morrison
Email: brenda@rockabillvirtualsupport.com
Please include the following information to help us investigate effectively:
- Your name and contact details
- A clear description of your concern
- Any relevant dates, correspondence, or supporting information
Complaints should ideally be submitted within two months of the issue arising.
5. What Happens After You Submit A Complaint
Acknowledgement
We will acknowledge your complaint within five working days.
Investigation
We will:
- Review the details of your complaint
- Examine any relevant records or correspondence
- Contact you if further information is needed
- Assess whether any data protection obligations have been breached
Response
We aim to provide a full written response within one calendar month of receiving your complaint.
Our response will include:
- A summary of the investigation
- Our findings
- Any actions taken or proposed
- Information on your right to escalate the matter if you remain dissatisfied
If your complaint is complex or requires more time, we may extend the response period by up to two additional months, where permitted under UK data protection law. In such cases, we will notify you and explain the reason for the delay.
6. Right To Escalate Your Complaint
If you are not satisfied with our response, you have the right to refer your complaint to the UK’s independent data protection authority:
Information Commissioner’s Office (ICO)
Website: ico.org.uk
Telephone: 0303 123 1113
You do not need to contact us first before approaching the ICO, but we encourage you to allow us the opportunity to resolve your concerns.
7. Updates To This Policy
This policy will be reviewed every two years, or sooner if required by changes in legislation, regulation, or best practice.
