GDPR Compliance

Last updated: May 22, 2026

Introduction

This page provides information about how Streakless Haven complies with the General Data Protection Regulation (GDPR) for users located in the European Economic Area (EEA), the United Kingdom, and Switzerland.

Legal Basis for Processing

We process your personal data under the following legal bases:

  • Consent: You have given clear consent for us to process your personal data for specific purposes (e.g., marketing communications)
  • Contract: Processing is necessary for the performance of a contract with you (e.g., providing our programs and services)
  • Legal Obligation: Processing is necessary for compliance with a legal obligation
  • Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, provided those interests are not overridden by your rights and interests

Your Rights Under GDPR

If you are located in the EEA, UK, or Switzerland, you have the following rights:

Right to Access

You have the right to request copies of your personal data. We may charge a reasonable fee for multiple copies or manifestly unfounded requests.

Right to Rectification

You have the right to request correction of any inaccurate personal data and to have incomplete data completed.

Right to Erasure

You have the right to request deletion of your personal data under certain conditions, including:

  • The data is no longer necessary for the purpose it was collected
  • You withdraw consent and there is no other legal basis for processing
  • You object to processing and there are no overriding legitimate grounds
  • The data was unlawfully processed
  • Erasure is required for compliance with a legal obligation

Right to Restriction of Processing

You have the right to request restriction of processing your personal data under certain conditions:

  • You contest the accuracy of the data
  • Processing is unlawful but you oppose erasure
  • We no longer need the data but you need it for legal claims
  • You have objected to processing pending verification of legitimate grounds

Right to Data Portability

You have the right to request transfer of your data to another organization or directly to you in a structured, commonly used, and machine-readable format.

Right to Object

You have the right to object to our processing of your personal data based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects or similarly significantly affect you.

Right to Withdraw Consent

Where we rely on consent as the legal basis for processing, you have the right to withdraw that consent at any time.

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: [email protected]
Subject: GDPR Data Request

We will respond to your request within one month. In complex cases, we may extend this period by two additional months, and we will inform you of any such extension.

Data Protection Officer

For GDPR-related inquiries, you can contact our Data Protection Officer at:

Email: [email protected]

International Data Transfers

When we transfer your personal data outside the EEA, UK, or Switzerland, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Other legally approved mechanisms

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Our retention periods are determined based on:

  • The nature and sensitivity of the data
  • The purpose for processing
  • Legal requirements
  • Legitimate business interests

Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data
  • Regular security assessments
  • Access controls and authentication
  • Staff training on data protection
  • Incident response procedures

Data Breach Notification

In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay. We will also notify the relevant supervisory authority within 72 hours of becoming aware of the breach.

Third-Party Processors

We work with third-party service providers who process data on our behalf. All processors are contractually bound to:

  • Process data only on our instructions
  • Implement appropriate security measures
  • Assist with data subject rights requests
  • Delete or return data when services end
  • Make available information necessary to demonstrate compliance

Complaints

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with a supervisory authority in your country of residence, place of work, or place of the alleged infringement.

For the UK: Information Commissioner's Office (ICO)
Website: ico.org.uk

For EU countries: You can find your national supervisory authority at the European Data Protection Board website.

Updates to This Policy

We may update this GDPR Compliance page from time to time. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.

Contact Information

For any questions regarding GDPR compliance or to exercise your rights, please contact:

Streakless Haven
Email: [email protected]
Address: 142 Boundary Street, West End, QLD 4101, Australia