GDPR Compliance

Last updated: January 2024

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that applies to organisations processing personal data of individuals in the European Union. While darkened-tower operates primarily in Australia, we are committed to upholding GDPR standards for all visitors to our website, regardless of location.

Data Controller

darkened-tower acts as the data controller for personal information collected through this website. This means we determine the purposes and means of processing your personal data.

Contact details:
darkened-tower
42 Harbour View Drive
Sydney NSW 2000, Australia
Email: [email protected]

Legal Basis for Processing

We process your personal data under the following legal bases:

• Consent: When you submit an enquiry form or subscribe to communications, you consent to us processing your data for those specific purposes.
• Contract: Processing necessary for the performance of a contract with you or to take steps at your request prior to entering a contract.
• Legitimate interests: Processing necessary for our legitimate business interests, such as improving our services and website functionality, provided these do not override your rights.
• Legal obligation: Processing necessary to comply with legal requirements.

Your Rights Under GDPR

If you are located in the European Economic Area, you have the following rights:

Right of Access

You have the right to request a copy of the personal data we hold about you. We will provide this information within 30 days of receiving your request.

Right to Rectification

You have the right to request that we correct any inaccurate personal data or complete any incomplete data we hold about you.

Right to Erasure

You have the right to request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purpose it was collected.

Right to Restrict Processing

You have the right to request that we limit the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.

Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that significantly affect you. We do not currently use automated decision-making processes.

Data Transfers

As an Australian-based company, transferring data outside the European Economic Area may occur. When this happens, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Specific retention periods vary depending on the nature of the data and our legal obligations.

Data Protection Officer

For enquiries regarding our data protection practices or to exercise your GDPR rights, please contact us at [email protected]. We aim to respond to all requests within 30 days.

Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. For EU residents, this would be the data protection authority in your country of residence.

Updates to This Notice

We may update this GDPR notice periodically. Any changes will be posted on this page with an updated revision date.