GDPR Compliance

Last Updated: May 13, 2026

Our Commitment to GDPR

Cyber Drizzle is committed to protecting the privacy and security of your personal data in accordance with the General Data Protection Regulation (GDPR). This page outlines how we comply with GDPR requirements.

Lawful Basis for Processing

We process personal data only when we have a lawful basis to do so:

• Consent: You have given clear consent for us to process your personal data for a specific purpose
• Contract: Processing is necessary for a contract we have with you
• Legal Obligation: Processing is necessary for us to comply with the law
• Legitimate Interests: Processing is necessary for our legitimate interests or the legitimate interests of a third party

Your GDPR Rights

Under GDPR, you have the following rights:

Right to Access

You have the right to request copies of your personal data. We may charge a small fee for this service.

Right to Rectification

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

Right to Erasure

You have the right to request that we erase your personal data, under certain conditions.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data, under certain conditions.

Right to Object to Processing

You have the right to object to our processing of your personal data, under certain conditions.

Right to Data Portability

You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.

Data Protection Officer

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact our DPO:

Email: [email protected]

Data Processing Activities

We process the following categories of personal data:

• Identity data (name, title)
• Contact data (email address, business address)
• Technical data (IP address, browser type, operating system)
• Usage data (how you use our website and services)
• Marketing and communications data (your preferences in receiving marketing)

Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

International Transfers

When we transfer your data outside the European Economic Area (EEA), we ensure a similar degree of protection is afforded to it by implementing appropriate safeguards such as:

• Standard contractual clauses approved by the European Commission
• Transfers to countries with adequacy decisions
• Binding corporate rules

Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, accessed, altered, or disclosed in an unauthorized way. We limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know.

Breach Notification

In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at:

Email: [email protected]
Address: Level 14, 127 Creek Street, Brisbane QLD 4000, Australia

We will respond to your request within one month. If your request is complex or we have received a number of requests, this period may be extended by up to two months. We will inform you if we need to extend the response period.

Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

Updates to This Notice

We may update this GDPR compliance notice from time to time. Any changes will be posted on this page with an updated revision date.