GDPR Compliance

shimmer-latch is committed to protecting the privacy and security of your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This page provides information about how we handle your data and your rights.

Data Controller

shimmer-latch Pty Ltd is the data controller responsible for your personal data. Our contact details are:

shimmer-latch Pty Ltd
Level 12, 456 Collins Street
Melbourne VIC 3000
Australia
Email: [email protected]

Lawful Basis for Processing

We process your personal data on the following legal bases:

• Contract: Processing necessary for the performance of our contract with you (providing language courses and services)
• Consent: Where you have given clear consent for us to process your personal data for specific purposes (e.g., marketing communications)
• Legitimate Interests: Processing necessary for our legitimate interests, such as improving our services and preventing fraud
• Legal Obligation: Processing necessary to comply with legal requirements

Your Rights Under GDPR

If you are a resident of the European Economic Area (EEA) or the United Kingdom, you have the following rights:

Right of Access

You have the right to request a copy of the personal data we hold about you. We will provide this information within one month of your request.

Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.

Right to Erasure

You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.

Right to Restriction of Processing

You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.

Right to Object

You have the right to object to the processing of your personal data for direct marketing purposes or where processing is based on legitimate interests.

Rights Related to Automated Decision-Making

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you.

International Data Transfers

When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Transfers to countries with an adequacy decision
• Binding Corporate Rules where applicable

Data Protection Officer

While we are not required to appoint a Data Protection Officer, we have designated a privacy contact who can address your data protection queries:

Email: [email protected]

Exercising Your Rights

To exercise any of your rights, please contact us at [email protected]. We will respond to your request within one month. In complex cases, this may be extended by a further two months, in which case we will inform you.

We may need to verify your identity before processing your request. There is no charge for exercising your rights, although we may charge a reasonable fee for manifestly unfounded or excessive requests.

Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with a supervisory authority. For EEA residents, you can find your local authority at https://edpb.europa.eu.

Updates to This Information

We may update this GDPR information from time to time. Any changes will be posted on this page with an updated revision date.

Last updated: January 2024