GDPR Compliance Statement

1. Our Commitment to Data Protection

While Fiber Spark is an Australian-based company primarily operating under Australian Privacy Principles, we recognize that we may process personal data of individuals located in the European Economic Area (EEA) and United Kingdom. This statement outlines our commitment to compliance with the General Data Protection Regulation (GDPR) when processing such data.

2. Legal Basis for Processing

We process personal data only when we have a valid legal basis, including:

• Consent: You have given clear consent for us to process your personal data for a specific purpose
• Contract: Processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
• Legal Obligation: Processing is necessary for us to comply with the law
• Legitimate Interests: Processing is necessary for our legitimate interests or the legitimate interests of a third party, provided your interests and fundamental rights do not override those interests

3. Your Rights Under GDPR

If you are located in the EEA or UK, you have the following rights regarding your personal data:

3.1 Right to Access

You have the right to request copies of your personal data. We may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.

3.2 Right to Rectification

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

3.3 Right to Erasure

You have the right to request that we erase your personal data, under certain conditions.

3.4 Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data, under certain conditions.

3.5 Right to Object to Processing

You have the right to object to our processing of your personal data, under certain conditions.

3.6 Right to Data Portability

You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.

4. How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: [email protected]
Subject Line: GDPR Data Subject Request

We will respond to your request within one month of receipt. In complex cases, we may extend this period by two additional months, and we will inform you of any such extension.

5. Data Protection Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• Encryption of personal data in transit and at rest
• Regular security assessments and vulnerability testing
• Access controls and authentication mechanisms
• Staff training on data protection principles
• Incident response procedures

6. International Data Transfers

As we are based in Australia, personal data from the EEA or UK may be transferred to and processed in Australia. When we transfer personal data outside the EEA or UK, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions where applicable
• Other legally valid transfer mechanisms

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

• Providing our services to you
• Complying with legal, accounting, or reporting requirements
• Maintaining records for dispute resolution

When personal data is no longer required, we will securely delete or anonymize it.

8. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you without undue delay and, where feasible, within 72 hours of becoming aware of the breach. We will also notify the relevant supervisory authority where required by law.

9. Automated Decision-Making and Profiling

We do not engage in automated decision-making or profiling that produces legal effects or similarly significantly affects individuals.

10. Children's Data

Our services are not directed at children under the age of 16. We do not knowingly collect or process personal data of children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.

11. Third-Party Data Processors

When we engage third-party service providers to process personal data on our behalf, we ensure they:

• Process data only on our documented instructions
• Maintain appropriate security measures
• Comply with GDPR requirements
• Enter into data processing agreements with us

12. Cookies and Tracking

We use cookies and similar tracking technologies in accordance with GDPR requirements. For detailed information about our cookie practices, please see our Cookies Policy.

13. Marketing Communications

We will only send you marketing communications if:

• You have given us explicit consent, or
• We have a legitimate interest and you have not opted out

You can opt out of marketing communications at any time by contacting us or using the unsubscribe link in our emails.

14. Data Protection Officer

For questions about our GDPR compliance or data protection practices, please contact us at:

Email: [email protected]
Subject Line: Data Protection Inquiry

15. Supervisory Authority

If you are located in the EEA or UK, you have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of alleged infringement.

For UK residents, the relevant authority is the Information Commissioner's Office (ICO):
Website: ico.org.uk

16. Updates to This Statement

We may update this GDPR Compliance Statement from time to time to reflect changes in our practices or legal requirements. We will post any updates on this page with a new "Last Updated" date.

17. Contact Information

For any questions or concerns regarding GDPR compliance:

Fiber Spark
Email: [email protected]
Address: Level 14, 275 Alfred Street, North Sydney NSW 2060, Australia