GDPR Compliance
General Data Protection Regulation Information
Introduction
While soft-walls primarily operates in Australia, we recognize the importance of the European Union's General Data Protection Regulation (GDPR) for any European Economic Area (EEA) residents who may use our services. This page outlines our GDPR compliance measures.
Legal Basis for Processing
We process personal data under the following legal bases:
- Consent: You have given clear consent for us to process your personal data for specific purposes
- Contract: Processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
- Legal Obligation: Processing is necessary for us to comply with the law
- Legitimate Interests: Processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those legitimate interests
Your GDPR Rights
If you are an EEA resident, you have the following rights under GDPR:
Right to Access
You have the right to request copies of your personal data. We may charge a small fee for this service.
Right to Rectification
You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
Right to Erasure
You have the right to request that we erase your personal data, under certain conditions.
Right to Restrict Processing
You have the right to request that we restrict the processing of your personal data, under certain conditions.
Right to Object to Processing
You have the right to object to our processing of your personal data, under certain conditions.
Right to Data Portability
You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
Data Protection Officer
For GDPR-related inquiries, you can contact our data protection contact:
Email: [email protected]
Subject Line: GDPR Inquiry
Data Processing Activities
We process the following categories of personal data:
- Identity data (name, date of birth)
- Contact data (email address, postal address)
- Financial data (tax information, bank details, super statements)
- Technical data (IP address, browser type, device information)
- Usage data (how you use our website and services)
- Marketing and communications data (your preferences in receiving marketing from us)
International Data Transfers
If we transfer your data outside the EEA, we ensure a similar degree of protection by implementing at least one of the following safeguards:
- Transferring your personal data to countries that have been deemed to provide an adequate level of protection
- Using specific contracts approved by the European Commission which give personal data the same protection it has in Europe
- Transferring data to organizations that are part of Privacy Shield (where applicable)
Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal data, and applicable legal requirements.
Security Measures
We have implemented appropriate technical and organizational security measures designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
Automated Decision Making and Profiling
We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.
Complaints
If you are an EEA resident and have concerns about our data processing practices, you have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement.
Updates to This Statement
We may update this GDPR compliance statement from time to time. We will notify you of any significant changes by posting the new statement on this page and updating the "Last updated" date.
Contact Us
If you have questions about our GDPR compliance or wish to exercise your GDPR rights, please contact us:
Email: [email protected]
Address: Level 14, 127 Creek Street, Brisbane QLD 4000, Australia