Your data protection rights under European regulations
Smooth Lane is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This page outlines how we handle personal data for individuals in the European Economic Area (EEA) and the United Kingdom.
Smooth Lane acts as the data controller for personal information collected through our website and services. Our contact details are:
Smooth Lane
42 Harbour Street
Sydney NSW 2000, Australia
Email: [email protected]
We process your personal data under the following legal bases:
If you are located in the EEA or UK, you have the following rights regarding your personal data:
You have the right to request a copy of the personal data we hold about you. We will provide this information free of charge within one month of receiving your request.
You have the right to request that we correct any inaccurate personal data or complete any incomplete data we hold about you.
You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purposes it was collected or when you withdraw consent.
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.
You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not currently engage in automated decision-making.
As we are based in Australia, your personal data may be transferred to and processed in Australia. When transferring data outside the EEA, we ensure appropriate safeguards are in place, including standard contractual clauses approved by the European Commission.
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods depend on the nature of the data and the purposes for processing.
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and, where required, notify you directly.
To exercise any of your rights, please contact us at [email protected]. We will respond to your request within one month. If your request is complex or we receive multiple requests, we may extend this period by two months, in which case we will inform you.
We may need to verify your identity before processing your request. If we cannot verify your identity, we may ask for additional information.
If you believe we have not handled your personal data appropriately, you have the right to lodge a complaint with a supervisory authority. For the UK, this is the Information Commissioner's Office (ICO). For EU member states, contact your local data protection authority.
We may update this GDPR information from time to time to reflect changes in our practices or legal requirements. We encourage you to review this page periodically.
For any questions about GDPR compliance or to exercise your data protection rights, please contact us at [email protected].