GDPR Compliance

Last Updated: May 11, 2026

Our Commitment to GDPR

While sparkle-fleck is based in Australia, we recognize and respect the rights of individuals in the European Economic Area (EEA) under the General Data Protection Regulation (GDPR). This page outlines our compliance practices and your rights under GDPR.

Legal Basis for Processing

We process personal data under the following legal bases:

• Consent: You have given explicit consent for processing your personal data for specific purposes
• Contract: Processing is necessary for the performance of our services
• Legal Obligation: Processing is necessary to comply with legal requirements
• Legitimate Interests: Processing is necessary for our legitimate business interests, balanced against your rights

Your Rights Under GDPR

If you are located in the EEA, you have the following rights:

Right to Access

You have the right to request copies of your personal data. We may charge a reasonable fee for additional copies beyond the first request.

Right to Rectification

You have the right to request correction of any information you believe is inaccurate or incomplete.

Right to Erasure

You have the right to request deletion of your personal data under certain conditions, such as when the data is no longer necessary for the purposes it was collected.

Right to Restrict Processing

You have the right to request restriction of processing your personal data under certain conditions.

Right to Object to Processing

You have the right to object to our processing of your personal data under certain conditions.

Right to Data Portability

You have the right to request transfer of your data to another organization or directly to you, in a structured, commonly used format.

Right to Withdraw Consent

Where we rely on consent to process your personal data, you have the right to withdraw that consent at any time.

Data Protection Officer

For GDPR-related inquiries, you may contact our Data Protection Officer at:

Email: [email protected]

Data Transfers

When transferring data outside the EEA, we ensure appropriate safeguards are in place, such as:

• Standard contractual clauses approved by the European Commission
• Adequacy decisions for certain countries
• Your explicit consent for specific transfers

Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.

Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at:

Email: [email protected]
Subject Line: GDPR Rights Request

We will respond to your request within one month. In complex cases, this may be extended by two additional months, and we will inform you of any such extension.

Right to Lodge a Complaint

If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local supervisory authority in the EEA.

Updates to This Policy

We may update this GDPR compliance statement from time to time. Any changes will be posted on this page with an updated revision date.