isle-trail is committed to protecting and respecting your privacy in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This page outlines your rights and our obligations under these regulations.
Data Controller
isle-trail is the data controller responsible for your personal data collected through this website. If you have questions about how we handle your data, please contact us at [email protected].
Your Rights Under GDPR
Under GDPR, you have the following rights regarding your personal data:
Right to Access
You have the right to request a copy of the personal data we hold about you and to receive information about how it is processed.
Right to Rectification
You have the right to request that we correct any inaccurate personal data we hold about you, or complete any incomplete data.
Right to Erasure
You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purpose it was collected.
Right to Restrict Processing
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
Right to Object
You have the right to object to the processing of your personal data in certain circumstances, including processing for direct marketing purposes.
Rights Related to Automated Decision Making
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.
Legal Basis for Processing
We process your personal data on the following legal bases:
- Consent: Where you have given us explicit consent to process your data for specific purposes.
- Contract: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
- Legal Obligation: Where processing is necessary for compliance with a legal obligation.
- Legitimate Interests: Where processing is necessary for our legitimate interests or those of a third party, provided your rights do not override those interests.
Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable laws and regulations. When data is no longer needed, we securely delete or anonymise it.
International Data Transfers
Your data may be transferred to and processed in countries outside of Australia. Where this occurs, we ensure appropriate safeguards are in place to protect your data in accordance with applicable data protection laws.
Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage.
Exercising Your Rights
To exercise any of your rights under GDPR, please contact us at [email protected]. We will respond to your request within one month. In certain circumstances, we may extend this period by up to two further months, in which case we will inform you of the extension and the reasons for it.
Complaints
If you believe that your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. In Australia, you may contact the Office of the Australian Information Commissioner (OAIC).
Changes to This Information
We may update this GDPR compliance information from time to time. Any changes will be posted on this page with an updated revision date.
Last updated: January 2024