Last updated: 23 May 2026

This page explains how to exercise your rights under the UK General Data Protection Regulation and the EU General Data Protection Regulation in respect of personal data processed by gAInXalpha (operated from 19 Queen Elizabeth Street, London, Southwark, SE1 2LP, United Kingdom). It supplements our Privacy Policy, which describes the categories of personal data we process and the legal bases on which we rely.

1. Your GDPR / UK GDPR rights

  • Access (Art. 15) — obtain confirmation of whether we process your personal data, a copy of that data, and the supplementary information required by Article 15.
  • Rectification (Art. 16) — have inaccurate personal data corrected and incomplete personal data completed.
  • Erasure (Art. 17) — have your personal data deleted where one of the Article 17 grounds applies (often called the “right to be forgotten”).
  • Restriction (Art. 18) — require us to restrict processing in defined circumstances, for example while accuracy is contested.
  • Portability (Art. 20) — receive personal data you have provided in a structured, commonly used, machine-readable format, and have it transmitted to another controller where technically feasible.
  • Objection (Art. 21) — object to processing based on legitimate interests, including profiling, and to processing for direct marketing.
  • Withdrawal of consent (Art. 7) — withdraw consent at any time, without affecting the lawfulness of processing carried out before the withdrawal.
  • Complaint (Art. 77) — lodge a complaint with the supervisory authority in your country of residence, place of work, or place of the alleged infringement.

2. How to make a request

Send an email to support@gainxalpha.com with the subject line “Data request — [type]”, substituting the right you wish to exercise (for example: “Data request — access”, “Data request — erasure”, “Data request — objection”). Please include:

  • the email address associated with your account;
  • the specific right you are exercising;
  • any specifics that will help us scope the request, such as relevant date ranges, the data categories of interest, or the particular processing activity you are objecting to.

3. Verification

We will verify your identity using the email address on file for your account. Where there is reasonable doubt as to the identity of the person making the request — for example, if the request comes from a different address, references an account we cannot locate, or is made on behalf of a third party — we may ask for additional information to confirm your identity before we act, as permitted by Article 12(6).

4. Response time

We aim to respond within thirty (30) calendar days of receiving a verified request, in accordance with Article 12(3). Where a request is particularly complex or where we have received a number of requests from you, this period may be extended by a further sixty (60) days. In any such case we will tell you within the first month that the extension applies and explain the reasons.

5. No fee

Requests are handled free of charge. Where a request is manifestly unfounded or excessive — in particular because it is repetitive — we may either charge a reasonable administrative fee, taking into account the actual costs of providing the information or taking the action requested, or refuse to act on the request, as permitted by Article 12(5). We will tell you which option we have taken and why.

6. Account deletion specifics

Cancelling your subscription does not delete your account: it ends recurring billing but leaves your account record in place so that you can resubscribe without losing your history. To delete the account in full, submit an erasure request under Article 17 as described above. Some records will be retained after erasure for the period required by applicable accounting, tax, anti-money-laundering, and fraud-prevention law — typically billing and transaction records for the statutory retention period — and any back-up media will be overwritten on the normal back-up rotation rather than individually scrubbed.

7. Right to complain

If you believe that our processing of your personal data infringes data-protection law, you have the right to lodge a complaint with a supervisory authority, in particular in the EU or UK Member State of your habitual residence, place of work, or place of the alleged infringement.

  • United Kingdom: Information Commissioner’s Office — ico.org.uk.
  • European Union: the national supervisory authority of your country of residence.
  • Italy: Garante per la protezione dei dati personali — garanteprivacy.it.

We would, however, appreciate the opportunity to address your concerns before you approach a supervisory authority, and we encourage you to contact us first.

8. Contact

All data requests and data-protection enquiries: support@gainxalpha.com.