GDPR Information

1. Introduction to GDPR

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that applies to organisations processing personal data of individuals in the European Union. While optimvoyage.com is based in Australia, we respect GDPR principles and extend similar protections to all our users.

This document explains your rights under GDPR and how we comply with these regulations.

2. Data Controller Information

For the purposes of GDPR, the data controller is:

We are responsible for deciding how and why your personal data is processed.

3. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

3.1 Right to Access

You have the right to request access to your personal data. This includes:

• Confirmation of whether we process your data
• Access to your personal data
• Information about how we use your data
• Information about data retention periods
• Information about your rights

To request access, email support@optimvoyage.com. We will respond within 30 days.

3.2 Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data. We will correct your data within 30 days of your request.

To request correction, contact us at support@optimvoyage.com with details of the information that needs correction.

3.3 Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your personal data in certain circumstances:

• The data is no longer necessary for its original purpose
• You withdraw consent and there is no other legal basis for processing
• You object to processing and there are no overriding legitimate grounds
• The data has been unlawfully processed
• The data must be erased to comply with a legal obligation

We may not be able to delete data if we have a legal obligation to retain it.

3.4 Right to Restriction of Processing

You have the right to request restriction of processing in certain situations:

• You contest the accuracy of your data
• Processing is unlawful but you prefer restriction over deletion
• We no longer need the data but you need it for legal claims
• You have objected to processing pending verification

When processing is restricted, we will only store your data and will process it only with your consent or for legal claims.

3.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format. You can also request that we transfer your data directly to another controller where technically feasible.

This right applies when:

• Processing is based on consent or contract
• Processing is carried out by automated means

3.6 Right to Object

You have the right to object to processing of your personal data in certain circumstances:

• Processing based on legitimate interests
• Processing for direct marketing purposes
• Processing for scientific or historical research

If you object to direct marketing, we will stop processing your data for that purpose immediately.

3.7 Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

You can withdraw consent by:

• Emailing support@optimvoyage.com
• Using unsubscribe links in emails
• Adjusting cookie settings in your browser

3.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority if you believe we have violated your data protection rights. In Australia, you can contact the Office of the Australian Information Commissioner (OAIC). EU residents can contact their local data protection authority.

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

4.1 Consent

We process data based on your explicit consent for:

• Newsletter subscriptions
• Marketing communications
• Non-essential cookies

4.2 Legitimate Interests

We process data based on legitimate interests for:

• Website operation and improvement
• Security and fraud prevention
• Analytics and performance monitoring
• Customer service and support

4.3 Legal Obligations

We process data to comply with legal obligations such as:

• Tax and accounting requirements
• Legal requests from authorities
• Record-keeping obligations

4.4 Contract Performance

We process data necessary to provide services you request.

5. Data We Collect

We collect the following categories of personal data:

5.1 Identity Data

Name, email address (when provided voluntarily)

5.2 Technical Data

IP address, browser type, device information, operating system

5.3 Usage Data

Pages visited, time spent, clicks, navigation patterns

5.4 Communication Data

Messages sent through contact forms, email correspondence

5.5 Cookie Data

Information collected through cookies and similar technologies

6. How We Use Your Data

We use your personal data for:

• Providing and maintaining our website
• Responding to enquiries and requests
• Sending newsletters (with consent)
• Improving website functionality and user experience
• Analysing website usage and performance
• Detecting and preventing fraud and security issues
• Complying with legal obligations

7. Data Sharing and Recipients

We may share your data with:

7.1 Service Providers

Third-party service providers who assist with:

• Website hosting
• Analytics services
• Email services
• Technical support

7.2 Legal Authorities

Law enforcement or regulatory authorities when required by law

7.3 Business Transfers

In case of merger, acquisition, or sale of assets

All third parties are required to respect the security of your data and process it in accordance with GDPR.

8. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA) and Australia. When we transfer data internationally, we ensure appropriate safeguards are in place:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Other legally approved transfer mechanisms

9. Data Retention

We retain personal data only as long as necessary for the purposes outlined in our Privacy Policy:

• Contact form data: 2 years
• Newsletter subscriptions: Until you unsubscribe
• Analytics data: 26 months
• Cookie consent records: 12 months
• Legal documents: As required by law

After retention periods expire, we securely delete or anonymise your data.

10. Data Security

We implement appropriate technical and organisational measures to protect your data:

• Encryption of data in transit (SSL/TLS)
• Encryption of data at rest
• Access controls and authentication
• Regular security assessments
• Employee training on data protection
• Incident response procedures
• Regular backups

11. Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will:

• Notify the relevant supervisory authority within 72 hours
• Notify affected individuals without undue delay
• Provide information about the breach and our response
• Advise on steps you can take to protect yourself

12. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on individuals.

If we implement such processes in the future, we will:

• Inform you about the logic involved
• Explain the significance and consequences
• Provide options to request human intervention
• Allow you to express your point of view
• Enable you to contest decisions

13. Children's Privacy

Our website is not intended for children under 13. We do not knowingly collect data from children under 13 without parental consent.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us at support@optimvoyage.com.

14. Cookie Management

You can manage cookies through:

14.1 Browser Settings

Most browsers allow you to:

• View and delete cookies
• Block third-party cookies
• Block all cookies
• Receive notifications when cookies are set

14.2 Our Cookie Consent Tool

Use our cookie consent banner to manage preferences

14.3 Third-Party Tools

Use browser extensions or privacy tools to manage cookies

Note that blocking cookies may affect website functionality.

15. How to Exercise Your Rights

To exercise any of your GDPR rights:

15.1 Contact Us

Email: support@optimvoyage.com

Subject line: "GDPR Rights Request"

15.2 Provide Information

Include in your request:

• Your full name
• Email address
• Description of your request
• Proof of identity (if required)

15.3 Response Time

We will respond to your request within 30 days. If we need more time, we will inform you and explain why.

15.4 Verification

We may request additional information to verify your identity before processing your request.

15.5 No Fee

We do not charge a fee for processing requests unless they are manifestly unfounded or excessive.

16. Updates to This Document

We may update this GDPR information from time to time. Changes will be posted on this page with an updated revision date.

We encourage you to review this page periodically to stay informed about your rights and our practices.

17. Contact Information

For questions about GDPR or to exercise your rights, contact us:

18. Supervisory Authority

If you are not satisfied with our response to your request or believe we are processing your data unlawfully, you have the right to lodge a complaint with a supervisory authority.

For Australian Residents:

Office of the Australian Information Commissioner (OAIC)

Website: www.oaic.gov.au

For EU Residents:

Contact your local data protection authority. A list of authorities is available at the European Data Protection Board website.

19. Additional Resources

For more information about data protection:

• Read our Privacy Policy
• Review our Terms of Use
• Visit the OAIC website for Australian privacy information
• Visit the European Commission website for GDPR information