GDPR Compliance

Our Commitment to GDPR

clever-tapir respects the privacy rights of individuals in the European Union and European Economic Area. Although we are an Australian company, we are committed to complying with the General Data Protection Regulation (GDPR) for any EU/EEA residents who use our services.

Data Controller

clever-tapir acts as the data controller for personal information collected through our website and services. Our contact details are:

clever-tapir
142 Wickham Street
Fortitude Valley QLD 4006
Australia
Email: [email protected]

Legal Basis for Processing

We process personal data under the following legal bases:

• Contract Performance: Processing necessary to fulfil our rental agreement with you
• Legitimate Interests: Processing for our legitimate business interests, such as fraud prevention and service improvement
• Legal Obligation: Processing required to comply with applicable laws
• Consent: Processing based on your explicit consent, such as marketing communications

Your Rights Under GDPR

If you are an EU/EEA resident, you have the following rights regarding your personal data:

Right to Access

You have the right to request a copy of the personal data we hold about you. We will provide this information within one month of your request.

Right to Rectification

You have the right to request correction of any inaccurate personal data we hold about you.

Right to Erasure

You have the right to request deletion of your personal data where there is no compelling reason for its continued processing. This right is not absolute and may be limited by legal retention requirements.

Right to Restrict Processing

You have the right to request that we limit the processing of your personal data in certain circumstances.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.

Right to Object

You have the right to object to processing of your personal data for direct marketing purposes or where processing is based on legitimate interests.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not currently use automated decision-making in our services.

International Data Transfers

As an Australian company, any personal data you provide may be transferred to and processed in Australia. Australia has been recognised by the European Commission as providing adequate data protection under Article 45 of the GDPR.

Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected. Rental records are typically retained for seven years to meet legal and insurance requirements. Marketing data is retained until you withdraw consent.

Data Security

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:

• Encryption of data in transit and at rest
• Access controls and authentication measures
• Regular security assessments
• Staff training on data protection

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours. If the breach is likely to result in a high risk, we will also notify you directly.

Exercising Your Rights

To exercise any of your GDPR rights, please contact us at [email protected]. We may need to verify your identity before processing your request. We will respond to your request within one month.

Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. For EU residents, this would be the data protection authority in your country of residence.

Changes to This Notice

We may update this GDPR notice from time to time. Any changes will be posted on this page with an updated revision date.