GDPR Compliance

Last updated: January 2024

Our Commitment to GDPR

Hopeful Glow is committed to protecting the privacy and security of your personal data in compliance with the General Data Protection Regulation (GDPR). This page outlines your rights under GDPR and how we ensure compliance.

Data Controller

Hopeful Glow acts as the data controller for personal information collected through our website and services. Our contact details are:

Hopeful Glow
42 Design Quarter
Sydney NSW 2000
Australia
Email: [email protected]

Legal Basis for Processing

We process personal data under the following legal bases:

  • Consent: Where you have given clear consent for us to process your personal data for a specific purpose
  • Contract: Where processing is necessary for the performance of a contract with you
  • Legal Obligation: Where processing is necessary for compliance with a legal obligation
  • Legitimate Interests: Where processing is necessary for our legitimate interests, provided these are not overridden by your rights

Your Rights Under GDPR

Under the GDPR, you have the following rights:

Right to Access

You have the right to request a copy of the personal data we hold about you and information about how we use it.

Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.

Right to Erasure

You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purpose it was collected.

Right to Restrict Processing

You have the right to request that we limit the way we use your personal data in certain circumstances.

Right to Data Portability

You have the right to request a copy of your personal data in a structured, commonly used, machine-readable format.

Right to Object

You have the right to object to our processing of your personal data in certain circumstances, including for direct marketing purposes.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Enquiry data is typically retained for 3 years, while project data may be retained for 7 years for legal and warranty purposes.

International Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area. When we transfer data internationally, we ensure appropriate safeguards are in place to protect your information.

Data Security

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including encryption of data in transit and at rest where appropriate.

Exercising Your Rights

To exercise any of your rights under GDPR, please contact us at [email protected]. We will respond to your request within one month. If your request is complex, we may extend this period by two months, in which case we will inform you.

Complaints

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with a supervisory authority. In Australia, this is the Office of the Australian Information Commissioner (OAIC).

Updates to This Policy

We may update this GDPR compliance information from time to time. Any changes will be posted on this page with an updated revision date.

We use cookies to enhance your experience. By continuing to visit this site you agree to our use of cookies. Learn more