Leaf Cypress is committed to protecting your personal data and respecting your privacy. This page outlines how we comply with the General Data Protection Regulation (GDPR) for visitors and customers in the European Economic Area (EEA) and the United Kingdom.
Leaf Cypress acts as the data controller for personal information collected through this website and our services. This means we determine the purposes and means of processing your personal data.
Contact Details:
Leaf Cypress
147 Culinary Lane
Collingwood VIC 3066
Australia
Email: [email protected]
If you are located in the EEA or UK, you have the following rights regarding your personal data:
You have the right to request a copy of the personal data we hold about you. We will provide this information free of charge within one month of your request.
You have the right to request that we correct any inaccurate personal data we hold about you, or complete any incomplete data.
You have the right to request that we delete your personal data in certain circumstances, including:
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to processing.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format. You may also request that we transfer this data to another controller where technically feasible.
You have the right to object to processing of your personal data for:
You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not currently use automated decision-making in relation to our services.
We process your personal data based on the following legal grounds:
Where you have given clear consent for us to process your personal data for a specific purpose, such as marketing communications.
Where processing is necessary for the performance of a contract with you, such as providing culinary services you have booked.
Where processing is necessary for our legitimate interests or those of a third party, provided these interests do not override your fundamental rights and freedoms.
Where processing is necessary for compliance with a legal obligation to which we are subject.
As we are based in Australia, your personal data may be transferred to and processed in Australia. When we transfer data outside the EEA or UK, we ensure appropriate safeguards are in place to protect your information, including:
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected. Retention periods vary depending on the type of data and purpose of processing. When data is no longer needed, we securely delete or anonymise it.
We implement appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage. These measures include encryption, access controls, and regular security assessments.
To exercise any of your rights under GDPR, please contact us at:
Email: [email protected]
We will respond to your request within one month. In complex cases, we may extend this period by up to two additional months, in which case we will inform you of the extension and the reasons for it.
We may ask you to verify your identity before processing your request to ensure we protect your data appropriately.
If you believe we have not handled your personal data appropriately, you have the right to lodge a complaint with a supervisory authority. For EEA residents, this would be the data protection authority in your country of residence. For UK residents, this would be the Information Commissioner's Office (ICO).
However, we encourage you to contact us first so we can address your concerns directly.
We may update this GDPR information from time to time. Any changes will be posted on this page with an updated revision date.