GDPR Compliance

About GDPR

The General Data Protection Regulation (GDPR) is a European Union regulation that governs the processing of personal data of individuals within the EU. Although TasmanvordProTech operates in Australia, we are committed to providing GDPR-level protections to all our users, regardless of location.

Your Rights Under GDPR

If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data:

Right to Access

You have the right to request a copy of the personal data we hold about you. We will provide this information in a commonly used electronic format within 30 days of your request.

Right to Rectification

If the personal data we hold about you is inaccurate or incomplete, you have the right to request correction. We will update your information promptly upon verification of your request.

Right to Erasure

Also known as the "right to be forgotten," you can request that we delete your personal data when:

• The data is no longer necessary for the purpose it was collected
• You withdraw consent (where consent was the basis for processing)
• You object to processing and there are no overriding legitimate grounds
• The data has been unlawfully processed

Right to Restriction of Processing

You can request that we limit how we use your data while we address your concerns about accuracy or our use of your information.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.

Right to Object

You can object to processing of your personal data based on legitimate interests or for direct marketing purposes. We will cease processing unless we have compelling legitimate grounds.

Rights Related to Automated Decision Making

You have the right not to be subject to decisions based solely on automated processing that produce legal or significant effects. TasmanvordProTech does not currently use automated decision-making processes.

Lawful Basis for Processing

We process personal data based on the following lawful bases:

• Contract: Processing necessary to perform our services (e.g., enrollment, program delivery)
• Consent: Processing based on your explicit consent (e.g., marketing communications)
• Legitimate Interests: Processing necessary for our legitimate business interests, provided they do not override your rights
• Legal Obligation: Processing required to comply with applicable laws

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

• Student records: 7 years after program completion (for administrative and legal purposes)
• Marketing data: Until consent is withdrawn
• Website analytics: 26 months
• Financial records: As required by Australian tax law

International Data Transfers

As TasmanvordProTech is based in Australia, data may be transferred outside the EEA. When this occurs, we ensure appropriate safeguards are in place, such as:

• Standard contractual clauses approved by the European Commission
• Transfers to countries deemed adequate by the European Commission
• Your explicit consent

Data Protection Contact

For GDPR-related enquiries or to exercise your rights, please contact:

Data Protection Officer
Email: [email protected]
Address: Level 12, 287 Collins Street, Melbourne VIC 3000, Australia

Supervisory Authority

If you are in the EEA and believe we have not handled your data appropriately, you have the right to lodge a complaint with your local supervisory authority. However, we encourage you to contact us first so we can address your concerns directly.

How to Make a Request

To exercise any of your GDPR rights:

• Email us at [email protected] with your request
• Include sufficient information to verify your identity
• Specify which right you wish to exercise

We will respond to your request within 30 days. If we need additional time due to complexity, we will inform you within the initial 30-day period.

Changes to This Notice

We may update this GDPR notice periodically. Changes will be posted on this page with the updated revision date. We encourage you to review this notice regularly.