GDPR Compliance

Last updated: May 22, 2026

Introduction

Radiant Mirror is committed to protecting the personal data of individuals in the European Union and complying with the General Data Protection Regulation (GDPR). This page outlines how we handle personal data in accordance with GDPR requirements.

Legal Basis for Processing

We process personal data under the following legal bases:

• Consent: When you provide explicit consent for us to process your data for specific purposes.
• Contractual Necessity: When processing is necessary for the performance of a contract with you.
• Legitimate Interests: When we have a legitimate interest in processing your data, such as improving our services or preventing fraud.
• Legal Obligation: When we must process data to comply with legal requirements.

Your Rights Under GDPR

If you are located in the European Union, you have the following rights regarding your personal data:

Right of Access

You have the right to request a copy of the personal data we hold about you.

Right to Rectification

You can request that we correct any inaccurate or incomplete personal data.

Right to Erasure

You have the right to request deletion of your personal data under certain circumstances, including when the data is no longer necessary for the purposes it was collected.

Right to Restrict Processing

You can request that we limit how we use your personal data in certain situations.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used format and transmit it to another controller.

Right to Object

You can object to our processing of your personal data based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw that consent at any time.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority if you believe we have violated your data protection rights.

Data Protection Officer

For questions regarding data protection or to exercise your GDPR rights, please contact us at:

Email: [email protected]
Subject Line: GDPR Request

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in our Privacy Policy or as required by law. After this period, we securely delete or anonymize your data.

International Data Transfers

If we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects individuals.

Security Measures

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication mechanisms
• Staff training on data protection practices

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay.

Third-Party Processors

We work with third-party service providers who process personal data on our behalf. We ensure these processors comply with GDPR requirements through contractual agreements that specify data protection obligations.

Updates to This Statement

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. We encourage you to review this page periodically.

Contact Information

For any questions, concerns, or requests related to GDPR compliance, please contact us:

Radiant Mirror
Level 7, 142 Collins Street
Melbourne VIC 3000
Australia
Email: [email protected]