Your data protection rights under the General Data Protection Regulation
The General Data Protection Regulation (GDPR) is a European Union regulation that governs data protection and privacy. Although Bliss Horizon is based in Australia, we are committed to providing the same level of data protection to all our customers, including those in the European Economic Area (EEA).
This page outlines your rights under the GDPR and how we comply with its requirements.
Bliss Horizon Pty Ltd acts as the data controller for personal information collected through our website and services. This means we determine the purposes and means of processing your personal data.
Contact details:
Bliss Horizon Pty Ltd
47 Parkview Drive
Richmond VIC 3121
Australia
Email: [email protected]
We process personal data based on the following lawful bases:
If you are located in the EEA, you have the following rights regarding your personal data:
You have the right to request copies of your personal data. We may charge a small fee for this service if the request is excessive or unfounded.
You have the right to request that we correct any information you believe is inaccurate or incomplete.
You have the right to request that we erase your personal data, under certain conditions. This is also known as the "right to be forgotten."
You have the right to request that we restrict the processing of your personal data, under certain conditions.
You have the right to object to our processing of your personal data, under certain conditions, particularly where we rely on legitimate interests as our lawful basis.
You have the right to request that we transfer the data we have collected to another organisation, or directly to you, under certain conditions.
Where we rely on consent as our lawful basis for processing, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month. If your request is complex or you have made numerous requests, we may extend this period by a further two months, in which case we will inform you.
We may need to verify your identity before processing your request. If we cannot verify your identity, we may request additional information.
As we are based in Australia, if you are located in the EEA, your personal data may be transferred to and processed in Australia. Australia has been granted an adequacy decision by the European Commission, meaning it provides an adequate level of data protection.
Where we use service providers located outside of countries with adequacy decisions, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.
Given the nature and scale of our data processing activities, we have not appointed a Data Protection Officer. However, for any data protection enquiries, please contact us at [email protected].
If you are located in the EEA and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local supervisory authority. You can find the contact details for your local authority at the European Data Protection Board website.
We may update this GDPR compliance notice from time to time. Any changes will be posted on this page with an updated revision date.
Last updated: January 2024