GDPR Compliance

Last updated: May 10, 2026

Our Commitment to GDPR

lively-dusk is committed to protecting the privacy and security of your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Legal Basis for Processing

We process your personal data under the following legal bases:

• Consent: When you provide explicit consent for specific processing activities
• Contract: When processing is necessary to fulfill our contractual obligations
• Legal Obligation: When required by law
• Legitimate Interests: When necessary for our legitimate business interests, balanced against your rights

Your Rights Under GDPR

As a data subject, you have the following rights:

Right to Access

You have the right to request access to the personal data we hold about you and receive a copy of that data.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

Also known as the "right to be forgotten," you can request deletion of your personal data under certain circumstances.

Right to Restriction of Processing

You can request that we limit the processing of your personal data in specific situations.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format.

Right to Object

You can object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that significantly affects you.

Data Protection Officer

For questions regarding data protection or to exercise your GDPR rights, contact our Data Protection Officer:

Email: [email protected]
Address: Level 14, 383 Kent Street, Sydney NSW 2000, Australia

How to Exercise Your Rights

To exercise any of your GDPR rights, please submit a request via email to [email protected]. We will respond to your request within 30 days.

Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.

International Data Transfers

When transferring personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions for certain countries
• Other legally approved transfer mechanisms

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Retention periods vary depending on the type of data and purpose of processing.

Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority if you believe your data protection rights have been violated.

Updates to This Notice

We may update this GDPR compliance notice from time to time. Material changes will be communicated to you via email or prominent notice on our website.