GDPR Compliance - Noble Trek

Our Commitment to GDPR

Noble Trek is committed to protecting the privacy and security of personal data. Although we are based in Australia, we recognise the importance of the General Data Protection Regulation (GDPR) and extend its protections to all our users, including those in the European Economic Area (EEA).

Data Controller

Noble Trek acts as the data controller for personal information collected through our website and services. We determine the purposes and means of processing personal data.

Contact Details:
Noble Trek
Level 2, 45 Crown Street
Surry Hills NSW 2010
Australia
Email: [email protected]

Lawful Basis for Processing

We process personal data only when we have a lawful basis to do so. The lawful bases we rely on include:

Consent: You have given clear consent for us to process your personal data for a specific purpose (e.g., receiving marketing communications).
Contract: Processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract (e.g., processing a booking).
Legal Obligation: Processing is necessary for us to comply with the law.
Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, provided those interests are not overridden by your rights and interests.

Your Rights Under GDPR

If you are located in the EEA, you have the following rights regarding your personal data:

Right to Access

You have the right to request a copy of the personal information we hold about you. We will provide this information free of charge within one month of receiving your request.

Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.

Right to Erasure

You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purpose for which it was collected, or when you withdraw consent.

Right to Restriction of Processing

You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or when processing is unlawful.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.

Right to Object

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision-Making

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you.

Exercising Your Rights

To exercise any of your rights, please contact us at [email protected]. We will respond to your request within one month. In certain circumstances, we may extend this period by a further two months, in which case we will inform you within the first month.

We may ask you to verify your identity before processing your request. We will not charge a fee for most requests, but we may charge a reasonable fee if your request is clearly unfounded or excessive.

International Data Transfers

As we are based in Australia, personal data may be transferred to and processed in Australia. When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place to protect your data, such as:

Standard contractual clauses approved by the European Commission
Ensuring the recipient country has an adequate level of data protection
Obtaining your explicit consent for the transfer

Data Protection Officer

For GDPR-related enquiries, you may contact our data protection point of contact:

Email: [email protected]

Complaints

If you believe that we have not complied with your data protection rights, you have the right to lodge a complaint with a supervisory authority. For individuals in the EEA, you may contact your local Data Protection Authority.

Changes to This Policy

We may update this GDPR compliance information from time to time. Any changes will be posted on this page with an updated revision date.