GDPR Compliance Framework

Introduction to GDPR

As part of our commitment to ensuring the privacy and protection of personal data, has developed a comprehensive GDPR compliance framework. The General Data Protection Regulation (GDPR) is a regulatory standard set by the European Union to safeguard personal information and to grant individuals greater control over their own data. We recognize the importance of these regulations and have taken extensive steps to align our practices with the requirements set forth by GDPR. This includes the implementation of robust data protection and privacy measures, regular training and updates for our staff, and the establishment of clear policies and procedures to handle personal data responsibly and securely.

Collection and Use of Personal Data

At, we collect personal data only for legitimate purposes as outlined in our privacy policy. Personal data may include name, contact details, browsing history, and other information necessary to provide our services effectively. We are transparent about the data we collect and always seek informed consent from our users before gathering any personal information. We ensure that the data collected is relevant and not excessive in relation to the purposes for which they are processed. By using state-of-the-art security systems, we protect the personal data of our users from unauthorized access, alteration, disclosure, or destruction.

Individual Rights Under GDPR

The GDPR grants individuals a set of rights related to their personal data including the right to access, correct, erasure, restrict processing, data portability, object, and not be subject to automated decision-making processes. acknowledges these rights and has put in place mechanisms to enable individuals to exercise their rights efficiently. Our users can contact us directly to request the exercise of these rights. Furthermore, we have appointed a Data Protection Officer (DPO) who oversees compliance with GDPR and is the point of contact for data protection matters.

Data Retention and Erasure

We have developed a data retention policy that reflects the requirements of GDPR. Personal information is retained only as long as necessary for the fulfilment of the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. When the data is no longer required, or if an individual requests deletion in accordance with the GDPR, we proceed with the safe and secure disposal of the data. In crafting our data retention policies, we consider the amount, nature, and sensitivity of personal data, as well as the potential risk of harm from unauthorized use or disclosure of personal data.

Commitment to Data Protection

Protecting the privacy and security of our users' data is a top priority at We are constantly reviewing and updating our data protection measures to ensure compliance with GDPR and to reflect the changing landscape of data privacy. Our team is trained to handle data with the utmost care and in line with the best practices for data protection. We have implemented internal data protection policies that employees must adhere to, and we monitor our data processing activities to prevent any potential GDPR breaches.

If you have any concerns about our data processing or handling methods, please reach out to us at [email protected]. Additionally, you can contact our owner, Edison Galbraith, whose postal address is Queensland University of Technology, 2 George St, Brisbane City QLD 4000, Australia.