GDPR Compliance

Your data protection rights under the General Data Protection Regulation

Our Commitment to GDPR

Obscure Ledge is committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR). This page explains how we handle your personal data in accordance with GDPR requirements.

Legal Basis for Processing

We process your personal data under the following legal bases:

  • Consent: When you provide explicit consent for us to process your data for specific purposes
  • Contract: When processing is necessary to fulfill our service obligations to you
  • Legal Obligation: When we must process data to comply with legal requirements
  • Legitimate Interests: When processing serves our legitimate business interests without overriding your rights

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

Right to Access

You have the right to request copies of your personal data. We may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.

Right to Rectification

You have the right to request correction of any information you believe is inaccurate or completion of information you believe is incomplete.

Right to Erasure

You have the right to request deletion of your personal data under certain conditions, including when the data is no longer necessary for the purposes it was collected.

Right to Restrict Processing

You have the right to request restriction of processing your personal data under certain conditions.

Right to Object

You have the right to object to our processing of your personal data under certain conditions, particularly for direct marketing purposes.

Right to Data Portability

You have the right to request transfer of your data to another organization or directly to you under certain conditions.

Data Protection Officer

For any GDPR-related inquiries or to exercise your rights, please contact our data protection team:

Email: [email protected]
Address: 127 Wellington Parade, East Melbourne VIC 3002, Australia

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.

International Data Transfers

If we transfer your data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Specific retention periods depend on:

  • The nature of the data and services provided
  • Legal and regulatory requirements
  • The purpose for which the data was collected

Children's Data

We do not knowingly process personal data of children under 16 years of age without parental consent, as required by GDPR.

Supervisory Authority

If you believe we have not handled your data appropriately, you have the right to lodge a complaint with your local data protection supervisory authority.

Updates to GDPR Compliance

We regularly review and update our GDPR compliance practices. Any material changes will be communicated through our website.

Contact for GDPR Inquiries

To exercise any of your GDPR rights or for questions about our data processing activities:

Email: [email protected]
Response time: We aim to respond to all requests within 30 days