GDPR Compliance
Information for European Economic Area visitors
Introduction
Although Brightbulwark Repair is an Australian company primarily serving Australian customers, we are committed to protecting the privacy rights of all website visitors, including those located in the European Economic Area (EEA). This page outlines how we comply with the General Data Protection Regulation (GDPR) for EEA residents.
Data Controller
Brightbulwark Repair acts as the data controller for personal information collected through this website. Our contact details are:
Brightbulwark Repair
Level 4, 127 Creek Street
Brisbane QLD 4000
Australia
Email: [email protected]
Legal Basis for Processing
We process personal data from EEA residents under the following legal bases:
- Consent: When you submit information through our contact forms or accept cookies, you provide consent for us to process that data
- Legitimate interests: We may process data to operate and improve our website, provided this does not override your fundamental rights
- Contractual necessity: If you engage our services, processing may be necessary to fulfil our contractual obligations
- Legal compliance: We may process data to comply with applicable legal requirements
Your Rights Under GDPR
If you are located in the EEA, you have the following rights regarding your personal data:
Right of Access
You have the right to request a copy of the personal data we hold about you. We will provide this information free of charge within 30 days of receiving your request.
Right to Rectification
You have the right to request that we correct any inaccurate personal data we hold about you, or complete any incomplete data.
Right to Erasure
Also known as the "right to be forgotten," you may request that we delete your personal data in certain circumstances, including when the data is no longer necessary for its original purpose or when you withdraw consent.
Right to Restrict Processing
You have the right to request that we limit how we use your data while we address any concerns you have raised about our data processing practices.
Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.
Right to Object
You have the right to object to certain types of processing, including processing for direct marketing purposes or processing based on legitimate interests.
Rights Related to Automated Decision Making
You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not currently use automated decision-making processes.
International Data Transfers
As an Australian company, any personal data you provide may be transferred to and processed in Australia. Australia is not currently recognised by the European Commission as providing an adequate level of data protection. However, we implement appropriate safeguards to protect your data, including:
- Encryption of data in transit and at rest
- Access controls limiting data access to authorised personnel
- Regular security assessments
- Data minimisation practices
Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Specific retention periods include:
- Contact form submissions: 24 months from last contact
- Service records: 7 years (Australian legal requirements)
- Cookie consent preferences: 12 months
- Website analytics: 26 months
Exercising Your Rights
To exercise any of your GDPR rights, please contact us at [email protected] with your request. We may need to verify your identity before processing your request. We will respond to valid requests within 30 days.
There is no fee for exercising your rights, unless your request is clearly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act on the request.
Complaints
If you believe we have not handled your personal data properly or have not responded adequately to your requests, you have the right to lodge a complaint with your local data protection authority. A list of EEA data protection authorities can be found at the European Commission website.
We would appreciate the opportunity to address your concerns before you approach a supervisory authority, so please contact us first.
Cookie Consent
In compliance with GDPR requirements, we obtain your consent before placing non-essential cookies on your device. When you first visit our website, you will see a cookie banner that allows you to accept or reject cookies. You can withdraw your consent at any time by clearing your browser cookies and revisiting our site.
Children's Privacy
Our website and services are not directed at children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately so we can delete the information.
Updates to This Information
We may update this GDPR compliance information from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this page periodically for the latest information on our privacy practices.
Contact
For any questions about GDPR compliance or to exercise your data protection rights, please contact:
Email: [email protected]
Address: Level 4, 127 Creek Street, Brisbane QLD 4000, Australia