1. Introduction

While classic-tide is an Australian-based company primarily serving Australian residents, we recognize that the General Data Protection Regulation (GDPR) may apply to certain data processing activities involving individuals in the European Union (EU) or European Economic Area (EEA).

This document outlines our commitment to GDPR compliance for any EU/EEA residents who interact with our website or services.

2. Legal Basis for Processing

When we process personal data of EU/EEA residents, we do so based on one or more of the following legal grounds:

• Consent: You have given clear consent for us to process your personal data for specific purposes
• Contract: Processing is necessary to fulfill a contract we have with you
• Legal Obligation: Processing is necessary to comply with the law
• Legitimate Interests: Processing is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not overridden by your rights and interests

3. Your Rights Under GDPR

If you are a resident of the EU/EEA, you have the following rights regarding your personal data:

3.1 Right to Access

You have the right to request copies of your personal data. We may charge a reasonable fee for additional copies beyond the first request.

3.2 Right to Rectification

You have the right to request correction of any information you believe is inaccurate or completion of information you believe is incomplete.

3.3 Right to Erasure

You have the right to request deletion of your personal data under certain conditions, including when the data is no longer necessary for the purposes for which it was collected.

3.4 Right to Restrict Processing

You have the right to request restriction of processing of your personal data under certain conditions.

3.5 Right to Object

You have the right to object to our processing of your personal data under certain conditions, particularly for direct marketing purposes.

3.6 Right to Data Portability

You have the right to request transfer of your data to another organization, or directly to you, in a structured, commonly used, and machine-readable format.

3.7 Right to Withdraw Consent

Where we rely on consent as the legal basis for processing, you have the right to withdraw your consent at any time.

4. Data Protection Officer

For GDPR-related inquiries, you may contact our designated data protection contact:

Email: [email protected]
Subject Line: "GDPR Data Protection Inquiry"

5. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Retention periods vary depending on the type of data and the purpose of processing.

6. International Data Transfers

As an Australian company, personal data collected from EU/EEA residents may be transferred to and processed in Australia. Australia is recognized by the European Commission as providing adequate protection for personal data. We ensure appropriate safeguards are in place for any further transfers outside Australia.

7. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on individuals.

8. Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR.

9. Children's Data

We do not knowingly collect or process personal data from children under 16 years of age without parental consent. If we become aware that we have collected personal data from a child under 16 without parental consent, we will take steps to delete that information.

10. Cookies and Tracking

We use cookies and similar tracking technologies on our website. You can manage your cookie preferences through our cookie banner or by adjusting your browser settings. For more information, see our Cookies Policy.

11. Third-Party Processors

When we engage third-party service providers to process personal data on our behalf, we ensure they provide sufficient guarantees of GDPR compliance through appropriate contractual arrangements.

12. How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at:

Email: [email protected]
Subject Line: "GDPR Rights Request"

We will respond to your request within one month. In complex cases, we may extend this period by two additional months, and we will inform you of any such extension.

13. Right to Lodge a Complaint

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with your local supervisory authority in the EU/EEA. Contact details for EU data protection authorities can be found at: https://classic-tide.com/about-edpb/board/members_en

14. Updates to This Statement

We may update this GDPR Compliance Statement from time to time. We will notify you of any material changes by posting the updated statement on our website with a revised "Last Updated" date.

15. Contact Information

For questions about this GDPR Compliance Statement or our data protection practices:

Email: [email protected]
Address: Level 14, 287 Collins Street, Melbourne VIC 3000, Australia