Information on this site is advertising in nature Mon - Fri: 8:00 AM - 6:00 PM AEST

Our Commitment to Data Protection

lotus-soar is committed to protecting the personal data of all individuals, including visitors from the European Union and European Economic Area. This page outlines how we comply with the General Data Protection Regulation (GDPR) and your rights under this regulation.

Data Controller

lotus-soar acts as the data controller for personal information collected through this website and our services. We determine the purposes and means of processing personal data in accordance with applicable laws.

Legal Basis for Processing

We process personal data only when we have a lawful basis to do so. The legal bases we rely on include:

  • Consent: When you have given clear consent for us to process your personal data for a specific purpose.
  • Contract: When processing is necessary to perform a contract with you or to take steps at your request before entering into a contract.
  • Legal Obligation: When processing is necessary to comply with a legal obligation.
  • Legitimate Interests: When processing is necessary for our legitimate interests or those of a third party, provided your rights do not override those interests.

Your Rights Under GDPR

If you are located in the EU or EEA, you have the following rights regarding your personal data:

Right to Access

You have the right to request copies of your personal data. We may charge a small fee for this service if requests are excessive or repetitive.

Right to Rectification

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

Right to Erasure

You have the right to request that we erase your personal data under certain conditions, such as when the data is no longer necessary for its original purpose.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data under certain conditions, such as when you contest the accuracy of the data.

Right to Object

You have the right to object to our processing of your personal data under certain conditions, particularly when processing is based on legitimate interests or for direct marketing purposes.

Right to Data Portability

You have the right to request that we transfer the data we have collected to another organisation, or directly to you, under certain conditions.

Exercising Your Rights

To exercise any of these rights, please contact us using the details below. We will respond to your request within one month. In some cases, we may need to verify your identity before processing your request.

International Data Transfers

As an Australian company, personal data collected from EU/EEA residents may be transferred to and processed in Australia. When we transfer personal data outside the EU/EEA, we ensure appropriate safeguards are in place to protect your data, including:

  • Standard contractual clauses approved by the European Commission
  • Ensuring the receiving country has adequate data protection laws
  • Other appropriate safeguards as required by GDPR

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected or as required by law. When personal data is no longer needed, it is securely deleted or anonymised.

Data Security

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data where appropriate
  • Regular testing and evaluation of security measures
  • Staff training on data protection and security
  • Access controls to limit who can view personal data

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.

Supervisory Authority

If you are located in the EU or EEA and believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local supervisory authority.

Contact Information

For any questions about this GDPR compliance notice or to exercise your data protection rights, please contact us at:

lotus-soar
42 Harbour Street
Sydney, NSW 2000
Australia
[email protected]