GDPR Compliance

Your data protection rights under the General Data Protection Regulation

Our Commitment to Data Protection

Although Shattered Vault is an Australian company, we are committed to protecting the privacy and data rights of all our website visitors, including those in the European Economic Area (EEA). We voluntarily comply with the principles of the General Data Protection Regulation (GDPR) where applicable.

Data Controller

For the purposes of data protection legislation, the data controller is:

Shattered Vault Pty Ltd
Level 4, 127 Creek Street
Brisbane QLD 4000
Australia
Email: [email protected]

Legal Basis for Processing

We process personal data on the following legal bases:

  • Consent: Where you have given clear consent for us to process your personal data for a specific purpose.
  • Contract: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legitimate Interests: Where processing is necessary for our legitimate business interests, provided these interests do not override your fundamental rights and freedoms.
  • Legal Obligation: Where processing is necessary to comply with a legal obligation.

Your Rights Under GDPR

If you are located in the EEA, you have the following rights regarding your personal data:

Right to Access

You have the right to request a copy of the personal data we hold about you, along with information about how we process it.

Right to Rectification

You have the right to request correction of any inaccurate or incomplete personal data we hold about you.

Right to Erasure

You have the right to request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data in certain circumstances, such as while we verify the accuracy of contested data.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to have it transmitted to another controller where technically feasible.

Right to Object

You have the right to object to the processing of your personal data where we are relying on legitimate interests as the legal basis, or where we are processing your data for direct marketing purposes.

Right to Withdraw Consent

Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

Exercising Your Rights

To exercise any of your rights, please contact us using the details provided above. We will respond to your request within one month. This period may be extended by two further months where necessary, taking into account the complexity and number of requests.

We may need to verify your identity before processing your request. We will not charge a fee for handling your request unless it is manifestly unfounded or excessive.

International Data Transfers

As an Australian company, any personal data collected through our website may be transferred to and processed in Australia. If you are located in the EEA, by using our website and providing your personal data, you consent to this transfer.

We ensure that appropriate safeguards are in place to protect your personal data in accordance with this policy and applicable data protection laws.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. The retention period may vary depending on the context of the data and our legal obligations.

Data Security

We have implemented appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction, or damage. These measures include encryption, access controls, and regular security assessments.

Complaints

If you are located in the EEA and believe that we have not complied with your data protection rights, you have the right to lodge a complaint with a supervisory authority in the EEA member state of your habitual residence, place of work, or place of the alleged infringement.

We would appreciate the chance to address your concerns before you approach a supervisory authority, so please contact us first.

Changes to This Policy

We may update this GDPR compliance statement from time to time. Any changes will be posted on this page with an updated revision date.

Contact Us

If you have any questions about this GDPR compliance statement or wish to exercise your data protection rights, please contact us:

Shattered Vault Pty Ltd
Level 4, 127 Creek Street
Brisbane QLD 4000
Email: [email protected]

We use cookies to enhance your browsing experience and analyse site traffic. By continuing, you consent to our use of cookies. Learn more