Last Updated: June 4, 2026
While amethyst-willow is based in Australia, we recognize that some of our website visitors may be located in the European Union. This page outlines how we handle personal data in accordance with the General Data Protection Regulation (GDPR) for EU residents.
For the purposes of GDPR, amethyst-willow acts as the data controller for personal information collected through our website.
Contact details:
Email: [email protected]
Address: 127 Botanical Gardens Drive, Riverside District, Brisbane, Queensland 4000, Australia
We process personal data based on the following legal grounds:
If you are an EU resident, you have the following rights regarding your personal data:
You have the right to request confirmation of whether we process your personal data and to obtain a copy of that data.
You can request correction of inaccurate or incomplete personal data we hold about you.
You may request deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
You can request that we restrict processing of your personal data in specific situations.
You have the right to receive your personal data in a structured, commonly used format and transmit it to another controller.
You may object to processing of your personal data based on legitimate interests or for direct marketing purposes.
We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.
To exercise any of these rights, please contact us at [email protected] with the subject line "GDPR Request." We will respond to your request within one month, though this period may be extended by two additional months for complex requests.
We may request verification of your identity before processing your request to ensure we protect your personal data from unauthorized access.
Your personal data is processed and stored in Australia. If you are located in the EU, this constitutes a transfer of data outside the European Economic Area. We implement appropriate safeguards to protect your data during such transfers.
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations. Specific retention periods:
We implement technical and organizational security measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include:
In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant supervisory authorities within 72 hours of becoming aware of the breach, as required by GDPR.
We work with limited third-party service providers who may process personal data on our behalf. These processors are contractually bound to handle data in compliance with GDPR requirements and only process data according to our instructions.
We use cookies and similar technologies on our website. You have the right to accept or reject cookies. For detailed information about our cookie practices and how to manage your preferences, please see our Cookie Policy.
We do not knowingly collect or process personal data from individuals under 16 years of age. If we become aware that we have inadvertently collected such data, we will take immediate steps to delete it.
If you are an EU resident and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection supervisory authority.
We may update this GDPR information page to reflect changes in our practices or legal requirements. Significant changes will be communicated through our website with an updated revision date.
For questions about our GDPR compliance or to exercise your rights, please contact:
Email: [email protected]
Subject: GDPR Inquiry