Last updated: January 2024
Cobalt Crest Pty Ltd is committed to protecting the privacy and security of personal data in accordance with the General Data Protection Regulation (GDPR). This page outlines how we comply with GDPR requirements for individuals located in the European Economic Area (EEA).
Cobalt Crest Pty Ltd acts as the data controller for personal information collected through this website. Our contact details are:
Cobalt Crest Pty Ltd
Level 4, 127 Crown Street
Surry Hills, NSW 2010, Australia
Email: [email protected]
We process personal data under the following lawful bases:
If you are located in the EEA, you have the following rights regarding your personal data:
You have the right to request a copy of the personal data we hold about you. We will provide this information free of charge within one month of your request.
You have the right to request correction of any inaccurate or incomplete personal data we hold about you.
You have the right to request deletion of your personal data in certain circumstances, including when the data is no longer necessary for the purpose it was collected.
You have the right to request that we limit how we use your personal data in certain circumstances.
You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit this data to another controller.
You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.
Where we rely on consent as the lawful basis for processing, you have the right to withdraw that consent at any time.
As an Australian company, we may transfer personal data outside the EEA. When we do so, we ensure appropriate safeguards are in place, including:
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. The retention period varies depending on the type of data and the purpose of processing.
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours. Where the breach is likely to result in a high risk, we will also notify affected individuals directly.
To exercise any of your GDPR rights, please contact us using the details below. We may need to verify your identity before processing your request. We will respond to your request within one month.
If you believe we have not handled your personal data properly, you have the right to lodge a complaint with a supervisory authority. For EEA residents, this would be the data protection authority in your country of residence.
For any GDPR-related enquiries or to exercise your rights, please contact:
Data Protection Officer
Cobalt Crest Pty Ltd
Level 4, 127 Crown Street
Surry Hills, NSW 2010, Australia
Email: [email protected]