Introduction
While Twinkling Suspension operates primarily in Australia, we recognize the importance of data protection standards established by the European Union's General Data Protection Regulation (GDPR). This page outlines our commitment to data protection principles for all users.
Legal Basis for Processing
We process personal data based on the following legal grounds:
- Consent: When you provide explicit permission for specific processing activities
- Contract: When processing is necessary to fulfill service agreements
- Legitimate Interests: For business operations that don't override your rights
- Legal Obligation: When required by Australian law
Your Rights Under GDPR
If you are an EU resident, you have the following rights:
- Right to Access: Request copies of your personal data
- Right to Rectification: Request correction of inaccurate data
- Right to Erasure: Request deletion of your data under certain circumstances
- Right to Restrict Processing: Request limitation of how we use your data
- Right to Data Portability: Receive your data in a structured format
- Right to Object: Object to processing based on legitimate interests
- Rights Related to Automated Decision-Making: We do not use automated decision-making or profiling
Data Collection and Use
We collect and process only the personal data necessary to provide our garden care services. This includes:
- Contact information for service delivery
- Property details relevant to garden care
- Service preferences and history
- Communications and correspondence
Data Protection Measures
We implement appropriate technical and organizational measures including:
- Encryption of data in transit and at rest
- Access controls and authentication protocols
- Regular security assessments
- Staff training on data protection
- Incident response procedures
International Data Transfers
As an Australian business, we primarily store and process data within Australia. If data is transferred internationally, we ensure appropriate safeguards are in place.
Data Retention
We retain personal data only for as long as necessary:
- Active customer data: Duration of service relationship plus 7 years
- Inquiry data: 2 years from last contact
- Financial records: 7 years as required by Australian law
Third-Party Processing
When we share data with service providers, we ensure they meet appropriate data protection standards through contractual agreements.
Exercising Your Rights
To exercise any of your GDPR rights, please contact us:
Email: [email protected]
Subject line: GDPR Request
We will respond to your request within 30 days.
Right to Lodge a Complaint
If you believe we have not handled your data appropriately, you have the right to lodge a complaint with:
- Your local data protection authority in the EU
- The Office of the Australian Information Commissioner (OAIC)
Data Protection Officer
For questions about data protection, contact our privacy team at [email protected].
Updates to This Policy
We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. Updates will be posted on this page with a revised date.