GDPR Compliance

Effective Date: May 22, 2026

Introduction

Glide Spire is committed to protecting the privacy and personal data of individuals in accordance with the General Data Protection Regulation (GDPR). This document outlines how we comply with GDPR requirements when processing personal data of individuals located in the European Economic Area (EEA).

Data Controller

Glide Spire acts as the data controller for personal information collected through our website and services. Our contact details are:

Glide Spire
142 Eucalypt Ridge Road
Springwood, NSW 2777
Australia
Email: [email protected]

Legal Basis for Processing

We process personal data only when we have a legal basis to do so under GDPR. The legal bases we rely on include:

• Consent: You have given clear consent for us to process your personal data for specific purposes
• Contract: Processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
• Legal obligation: Processing is necessary for us to comply with the law
• Legitimate interests: Processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those interests

Your Rights Under GDPR

If you are located in the EEA, you have the following rights regarding your personal data:

Right to Access

You have the right to request access to the personal data we hold about you and receive a copy of it.

Right to Rectification

You have the right to request that we correct any inaccurate personal data or complete any incomplete personal data we hold about you.

Right to Erasure (Right to be Forgotten)

Under certain circumstances, you have the right to request that we delete your personal data.

Right to Restriction of Processing

You have the right to request that we restrict the processing of your personal data under certain circumstances.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

Right to Object

You have the right to object to our processing of your personal data based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent

Where we rely on consent as the legal basis for processing, you have the right to withdraw your consent at any time.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state where you reside, work, or where an alleged infringement of data protection laws occurred.

How to Exercise Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month, though this period may be extended by two additional months where necessary, taking into account the complexity and number of requests.

Data Protection Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• Encryption of personal data in transit and at rest
• Regular security assessments and audits
• Access controls and authentication procedures
• Staff training on data protection practices
• Incident response procedures for data breaches

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. When determining retention periods, we consider:

• The amount, nature, and sensitivity of the personal data
• The potential risk of harm from unauthorized use or disclosure
• The purposes for which we process the data
• Whether we can achieve those purposes through other means
• Applicable legal requirements

International Data Transfers

As we are based in Australia, your personal data may be transferred outside the EEA. When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as:

• Standard contractual clauses approved by the European Commission
• Adequacy decisions recognizing that certain countries provide adequate protection
• Other legally approved transfer mechanisms

Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.

Children's Data

Our services are not directed at children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected such data, we will delete it promptly.

Updates to This Statement

We may update this GDPR compliance statement from time to time. We will notify you of any material changes by posting the updated statement on our website and updating the effective date.

Contact Information

If you have questions about our GDPR compliance practices or wish to exercise your rights, please contact us:

Email: [email protected]
Address: 142 Eucalypt Ridge Road, Springwood, NSW 2777, Australia