Privacy Policy — United Kingdom
UK GDPR + DPA 2018 addendum · Last updated: 2026-05-07
This page supplements the global Privacy Policy with rights and procedures applicable under the UK General Data Protection Regulation and the Data Protection Act 2018. The substantive rights mirror the EU GDPR addendum; the differences are jurisdictional (regulator, post-Brexit transfer mechanism).
Your rights
UK GDPR grants the same data-subject rights as EU GDPR — access, rectification, erasure, restriction, portability, and objection — with the same procedural mechanics. See the EU page for the full enumeration; we honour them identically for UK users.
International transfers
Transfers from the UK to the United States rely on UK International Data Transfer Agreements (IDTAs) or the UK Addendum to the EU SCCs, as appropriate. Where a third country has been recognised by the UK government as providing adequate protection, that recognition is also relied upon.
Supervisory authority
The UK supervisory authority is the Information Commissioner's Office (ICO). You may lodge a complaint at ico.org.uk/make-a-complaint, or by post to: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
Breach notification
We notify the ICO of qualifying personal data breaches within 72 hours of becoming aware (UK GDPR Art. 33), and notify affected users without undue delay where the breach is likely to result in high risk to their rights.
Direct contact: privacy@joyp.tv.