GDPR Compliance

Your rights under the General Data Protection Regulation

Our Commitment to GDPR

glossy-comet is committed to protecting the privacy and security of personal data. Although we are an Australian company, we recognise the importance of GDPR principles and extend these protections to all our customers, regardless of their location.

This page outlines your rights under the General Data Protection Regulation and how we ensure compliance with these important data protection standards.

Lawful Basis for Processing

We process personal data under the following lawful bases:

Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

Right to Access

You have the right to request a copy of the personal data we hold about you. This is commonly known as a Subject Access Request (SAR). We will respond to your request within one month of receipt.

Right to Rectification

You have the right to request that we correct any inaccurate personal data we hold about you. You also have the right to have incomplete personal data completed.

Right to Erasure

Also known as the "right to be forgotten," you can request that we delete your personal data in certain circumstances, including:

Right to Restrict Processing

You have the right to request that we limit the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to processing.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format. You can also request that we transfer this data directly to another organisation where technically feasible.

Right to Object

You have the right to object to processing of your personal data in certain circumstances, including processing for direct marketing purposes. If you object to marketing, we will stop processing your data for that purpose.

Rights Related to Automated Decision Making

You have the right not to be subject to decisions based solely on automated processing that significantly affect you. We do not currently use automated decision-making processes that would trigger these rights.

Data Protection Officer

While we are not required to appoint a Data Protection Officer under GDPR, we have designated a privacy contact who is responsible for overseeing data protection matters:

Privacy Contact
glossy-comet
147 Riverside Drive
Brisbane QLD 4000
Australia
Email: [email protected]

International Data Transfers

As an Australian company, some data processing may occur outside the European Economic Area. Where this occurs, we ensure appropriate safeguards are in place to protect your personal data in accordance with GDPR requirements.

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. Where the breach is likely to result in a high risk to you, we will also notify you directly.

Exercising Your Rights

To exercise any of your rights under GDPR, please contact us using the details below. We may need to verify your identity before processing your request. We will respond to your request within one month, although this may be extended by a further two months for complex requests.

Complaints

If you are unsatisfied with how we handle your personal data or believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. For EU residents, this would be the data protection authority in your country of residence.

Contact Us

For any GDPR-related enquiries, please contact:

glossy-comet
147 Riverside Drive
Brisbane QLD 4000
Australia
Email: [email protected]