GDPR Compliance

Our Commitment to GDPR

Although Sparkling Vale is based in Australia, we are committed to protecting the privacy rights of all our website visitors and customers, including those located in the European Union. This page outlines how we comply with the General Data Protection Regulation (GDPR) for EU residents.

Data Controller

Sparkling Vale acts as the data controller for personal information collected through our website and services. Our contact details are:

Sparkling Vale
147 Garden Way
Melbourne VIC 3000
Australia
Email: [email protected]

Legal Basis for Processing

We process personal data under the following legal bases:

• Consent: When you submit forms on our website or opt in to communications
• Contract: When processing is necessary to provide services you have requested
• Legitimate interests: For purposes such as improving our website and services, provided these interests do not override your fundamental rights
• Legal obligation: When we are required to process data by law

Your Rights Under GDPR

If you are an EU resident, you have the following rights regarding your personal data:

Right of Access

You have the right to request a copy of the personal information we hold about you. We will provide this information within 30 days of your request.

Right to Rectification

You have the right to request that we correct any inaccurate personal data or complete any incomplete data we hold about you.

Right to Erasure

You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for its original purpose or when you withdraw consent.

Right to Restrict Processing

You have the right to request that we limit the way we use your personal data in certain circumstances.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.

Right to Object

You have the right to object to processing of your personal data for direct marketing purposes or processing based on legitimate interests.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce legal effects or significantly affect you. We do not currently use automated decision-making processes.

Data Transfers

As we are based in Australia, any personal data you provide may be transferred to and processed in Australia. Australia has been recognised by the European Commission as providing adequate protection for personal data. We also implement appropriate safeguards to protect transferred data.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. For EU residents who have only visited our website without becoming customers, we typically delete personal data within 24 months of your last interaction.

Security Measures

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:

• Encryption of personal data where appropriate
• Regular security assessments
• Staff training on data protection
• Access controls limiting who can view personal data

Cookies and Tracking

Our website uses cookies with your consent. You can manage your cookie preferences at any time. For more information, please see our Cookies Policy.

Exercising Your Rights

To exercise any of your GDPR rights, please contact us at [email protected]. We will respond to your request within 30 days. We may request verification of your identity before processing your request.

Complaints

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with a supervisory authority in your EU member state. However, we encourage you to contact us first so we can address your concerns directly.

Updates to This Notice

We may update this GDPR compliance notice from time to time. Any changes will be posted on this page with an updated date.