Your data protection rights under the General Data Protection Regulation
Amber Horizons is committed to protecting the personal data of all individuals, including those located in the European Economic Area (EEA). We comply with the General Data Protection Regulation (GDPR) and uphold its principles in our data handling practices.
Amber Horizons acts as the data controller for personal information collected through this website. We determine the purposes and means of processing personal data and are responsible for ensuring compliance with data protection laws.
We process personal data under the following legal bases as defined by the GDPR:
If you are located in the EEA, you have the following rights regarding your personal data:
You have the right to request a copy of the personal data we hold about you and information about how we process it.
You have the right to request correction of any inaccurate or incomplete personal data we hold about you.
You have the right to request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
You have the right to request that we restrict processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.
You have the right not to be subject to decisions based solely on automated processing that produce legal effects or similarly significant effects on you.
To exercise any of these rights, please contact us using the details provided below. We will respond to your request within one month of receipt. In complex cases, this period may be extended by a further two months, and we will inform you of any such extension.
As our business is based in Australia, personal data may be transferred to and processed outside the EEA. When such transfers occur, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission, to protect your personal data.
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required by law. When determining retention periods, we consider the nature and sensitivity of the data, the purposes of processing, and applicable legal requirements.
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, and regular security assessments.
If you believe that your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. For individuals in the EEA, this would be the data protection authority in your country of residence.
For any questions about this GDPR notice or to exercise your data protection rights, please contact us at:
Email: [email protected]
Address: 42 Harbour View Road, Sydney, NSW 2000, Australia