Last Updated: June 4, 2026
stone-juniper is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This document outlines how we comply with GDPR requirements and explains your rights as a data subject.
We process personal data only when we have a lawful basis to do so. The legal bases we rely on include:
For the purposes of GDPR, the data controller is:
stone-juniper
47 Riverside Terrace
Brisbane QLD 4000
Australia
Email: [email protected]
Under the GDPR, you have the following rights regarding your personal data:
You have the right to request confirmation of whether we are processing your personal data and to obtain access to that data. We will provide you with a copy of your personal data in a structured, commonly used, and machine-readable format upon request.
If you believe that any personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct or complete it.
You have the right to request the deletion of your personal data in certain circumstances, including when:
You have the right to request that we restrict the processing of your personal data in certain situations, such as when you contest the accuracy of the data or object to our processing.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller without hindrance from us.
You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes. Upon receiving an objection, we will cease processing unless we can demonstrate compelling legitimate grounds that override your interests.
Where we rely on your consent as the legal basis for processing, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data violates data protection laws.
To exercise any of the rights described above, please contact us using the contact information provided in this document. We will respond to your request within one month, though this period may be extended by two additional months in complex cases. We will inform you of any such extension within the initial one-month period.
We may request additional information to verify your identity before processing your request to ensure the security of your personal data.
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. When determining retention periods, we consider:
If we transfer your personal data outside of the European Economic Area (EEA), we ensure appropriate safeguards are in place to protect your data in accordance with GDPR requirements. These safeguards may include standard contractual clauses approved by the European Commission or transfers to countries with adequacy decisions.
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay and within 72 hours of becoming aware of the breach, as required by GDPR.
We may update this GDPR compliance document from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page with a revised date.
If you have questions about our GDPR compliance or wish to exercise your data protection rights, please contact us at:
Email: [email protected]
Address: 47 Riverside Terrace, Brisbane QLD 4000, Australia