GDPR Compliance - Glacier Spire

Last updated: January 2024

1. Introduction

Although Glacier Spire is an Australian company, we are committed to protecting the privacy of all our website visitors, including those located in the European Economic Area (EEA). This page outlines how we comply with the General Data Protection Regulation (GDPR) for EEA residents.

2. Data Controller

Glacier Spire acts as the data controller for personal data collected through our website. Our contact details are:

Glacier Spire
Unit 4, 127 Greenway Drive
Epping NSW 2121
Australia

Email: [email protected]

3. Legal Basis for Processing

We process personal data on the following legal bases:

Consent: Where you have given clear consent for us to process your personal data for specific purposes (e.g., marketing communications)
Contract: Where processing is necessary for the performance of a contract with you or to take steps prior to entering into a contract
Legitimate interests: Where processing is necessary for our legitimate business interests, such as improving our services and website functionality
Legal obligation: Where processing is necessary to comply with legal requirements

4. Your Rights Under GDPR

If you are located in the EEA, you have the following rights regarding your personal data:

Right of Access

You have the right to request a copy of the personal data we hold about you.

Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal data.

Right to Erasure

You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data in certain circumstances.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.

Right to Object

You have the right to object to processing of your personal data where we are relying on legitimate interests as the legal basis.

Right to Withdraw Consent

Where we rely on your consent to process personal data, you have the right to withdraw that consent at any time.

5. International Data Transfers

As an Australian company, any personal data you provide may be transferred to and processed in Australia. Australia is not subject to an adequacy decision by the European Commission. However, we implement appropriate safeguards to protect your data, including:

Using secure encryption for data transmission
Limiting access to personal data to authorised personnel only
Maintaining appropriate technical and organisational security measures

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Specific retention periods are outlined in our Privacy Policy.

7. Cookies and Tracking

Our website uses cookies. You can manage your cookie preferences through our cookie consent banner. For more information, see our Cookies Policy.

8. Exercising Your Rights

To exercise any of your rights under GDPR, please contact us at:

Email: [email protected]

We will respond to your request within one month. In complex cases, this period may be extended by a further two months, and we will inform you of any such extension.

9. Complaints

If you believe that we have not complied with your data protection rights, you have the right to lodge a complaint with your local supervisory authority. You can find details of your supervisory authority at: https://edpb.europa.eu/about-edpb/board/members_en

10. Changes to This Notice

We may update this GDPR compliance notice from time to time. Any changes will be posted on this page with an updated revision date.