Your data protection rights under the General Data Protection Regulation
Last updated: January 2024
fjord-lumen is committed to protecting the privacy and security of personal data. This page explains how we comply with the General Data Protection Regulation (GDPR) for individuals in the European Economic Area (EEA) and how we respect similar data protection principles for all users.
For the purposes of data protection law, fjord-lumen is the data controller responsible for your personal data collected through this website.
Contact details:
fjord-lumen
142 Greenway Boulevard
Richmond, VIC 3121
Australia
Email: [email protected]
We process personal data under the following legal bases:
If you are located in the EEA, you have the following rights regarding your personal data:
You have the right to request a copy of the personal data we hold about you. We will provide this information free of charge within one month of receiving your request.
You have the right to request that we correct any inaccurate personal data we hold about you, or complete any incomplete data.
You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purpose it was collected.
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.
You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.
You have the right not to be subject to decisions based solely on automated processing that significantly affect you. We do not currently engage in such automated decision-making.
To exercise any of these rights, please contact us using the details provided above. We may need to verify your identity before processing your request. We will respond to your request within one month, though this period may be extended by two months for complex requests.
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. The specific retention period depends on the nature of the data and the purposes for which it is processed.
As we are based in Australia, any personal data you provide may be transferred to and processed in Australia. We ensure that appropriate safeguards are in place to protect your data in accordance with GDPR requirements.
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach is likely to result in a high risk to your rights, we will also notify you directly.
If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority in the EU member state of your habitual residence, place of work, or place of the alleged infringement.
We may update this GDPR information from time to time. Any changes will be posted on this page with an updated revision date.