Last updated: May 20, 2026
Aurora Treasures is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR). This page outlines how we comply with GDPR requirements and explains your rights as a data subject.
We process your personal data under the following legal bases:
As a data subject, you have the following rights:
You have the right to request copies of your personal data. We may charge a reasonable fee for additional copies beyond the first request.
You have the right to request correction of inaccurate or incomplete personal data we hold about you.
You have the right to request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purpose it was collected.
You have the right to request that we restrict processing of your personal data in specific situations, such as when you contest the accuracy of the data.
You have the right to request transfer of your personal data to another organization or directly to you, in a structured, commonly used, and machine-readable format.
You have the right to object to processing of your personal data where we rely on legitimate interest as the legal basis, or where we process data for direct marketing purposes.
You have the right not to be subject to decisions based solely on automated processing, including profiling, that produces legal effects or similarly significantly affects you.
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month of receipt. In some cases, we may extend this period by an additional two months if your request is complex.
We may need to verify your identity before processing your request. We will not charge a fee for processing requests unless they are manifestly unfounded or excessive.
For questions about our data protection practices or to exercise your rights, you can contact our Data Protection Officer at:
Email: [email protected]
Subject line: GDPR Inquiry
We primarily process data within Australia. If we transfer personal data outside of the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Retention periods vary depending on:
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the appropriate supervisory authority within 72 hours of becoming aware of the breach. If the breach poses a high risk, we will also notify affected individuals without undue delay.
If you believe we have not complied with GDPR requirements, you have the right to lodge a complaint with a supervisory authority, particularly in the EU member state where you reside, work, or where an alleged infringement occurred.
We encourage you to contact us first so we can address your concerns directly.
We may update this GDPR compliance statement from time to time. We will notify you of significant changes through our website or by email where appropriate.
For any questions about our GDPR compliance or to exercise your rights, please contact:
Aurora Treasures
127 Garden Lane
Brisbane, QLD 4000
Australia
Email: [email protected]