GDPR Compliance
Information for visitors from the European Union and European Economic Area
Last updated: January 2024
1. Introduction
Azure Roads respects the privacy rights of individuals in the European Union (EU) and the European Economic Area (EEA) under the General Data Protection Regulation (GDPR). This page provides additional information specifically for individuals whose personal data is subject to GDPR protection.
2. Data Controller
For the purposes of GDPR, Azure Roads acts as the data controller for personal data collected through our website and services. Our contact details are:
Azure Roads
42 Harbour Street
Sydney, NSW 2000
Australia
Email: [email protected]
3. Legal Basis for Processing
We process personal data of EU/EEA residents under the following legal bases:
- Consent: Where you have given clear consent for us to process your personal data for a specific purpose, such as subscribing to our newsletter or accepting cookies.
- Contract: Where processing is necessary for the performance of a contract with you, such as providing our pet care services.
- Legal Obligation: Where processing is necessary to comply with a legal obligation to which we are subject.
- Legitimate Interests: Where processing is necessary for our legitimate interests or those of a third party, provided those interests do not override your fundamental rights and freedoms.
4. Your Rights Under GDPR
If you are located in the EU or EEA, you have the following rights regarding your personal data:
Right to Access
You have the right to request a copy of the personal data we hold about you. We will provide this information free of charge within one month of receiving your request.
Right to Rectification
You have the right to request that we correct any inaccurate personal data we hold about you, and to have incomplete data completed.
Right to Erasure (Right to be Forgotten)
You have the right to request that we delete your personal data in certain circumstances, including when the data is no longer necessary for the purposes for which it was collected, or when you withdraw consent.
Right to Restriction of Processing
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to our processing.
Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, machine-readable format, and to transmit that data to another controller without hindrance.
Right to Object
You have the right to object to the processing of your personal data in certain circumstances, including processing for direct marketing purposes.
Rights Related to Automated Decision-Making
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
5. How to Exercise Your Rights
To exercise any of these rights, please contact us using the details provided above. We may need to verify your identity before processing your request. We will respond to your request within one month, although we may extend this period by two additional months if necessary, depending on the complexity of your request.
6. International Data Transfers
As we are based in Australia, any personal data you provide to us may be transferred to and processed in Australia. Australia has not received an adequacy decision from the European Commission. However, we implement appropriate safeguards to ensure that your personal data receives an adequate level of protection, including:
- Standard contractual clauses approved by the European Commission
- Ensuring our service providers implement appropriate technical and organisational measures
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. The retention period may vary depending on the context of the processing and our legal obligations.
8. Data Security
We implement appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include encryption, access controls, and regular security assessments.
9. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.
10. Supervisory Authority
If you are located in the EU or EEA and believe that we have not complied with GDPR in relation to your personal data, you have the right to lodge a complaint with a supervisory authority in your country of residence, place of work, or where the alleged infringement occurred.
11. Changes to This Information
We may update this GDPR information from time to time. Any changes will be posted on this page with an updated revision date.
12. Contact Us
For any questions or concerns regarding GDPR compliance or to exercise your rights, please contact us at:
Azure Roads
42 Harbour Street
Sydney, NSW 2000
Australia
Email: [email protected]